Search criteria
5 vulnerabilities by dalibo
CVE-2026-2361 (GCVE-0-2026-2361)
Vulnerability from cvelistv5 – Published: 2026-02-11 17:48 – Updated: 2026-02-11 18:24
VLAI?
Title
Improper search_path protection in PostgreSQL Anonymizer 2.5 allows any user with create privilege to gain superuser privileges
Summary
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function containing malicious code. When the anon.get_tablesample_ratio function is then called, the malicious code is executed with superuser privileges. This privilege elevation can be exploited by users having the CREATE privilege in PostgreSQL 15 and later. The risk is higher with PostgreSQL 14 or with instances upgraded from PostgreSQL 14 or a prior version because the creation permission on the public schema is granted by default. The problem is resolved in PostgreSQL Anonymizer 3.0.1 and further versions
Severity ?
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| DALIBO | PostgreSQL Anonymizer |
Affected:
1 , < 3.0.1
(rpm)
|
Credits
The PostgreSQL Anonymizer project thanks Daniel Bakker for reporting this problem.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2361",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-11T18:23:47.877689Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-11T18:24:03.242Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PostgreSQL Anonymizer",
"vendor": "DALIBO",
"versions": [
{
"lessThan": "3.0.1",
"status": "affected",
"version": "1",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "The PostgreSQL Anonymizer project thanks Daniel Bakker for reporting this problem."
}
],
"descriptions": [
{
"lang": "en",
"value": "PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function containing malicious code. When the anon.get_tablesample_ratio function is then called, the malicious code is executed with superuser privileges. This privilege elevation can be exploited by users having the CREATE privilege in PostgreSQL 15 and later. The risk is higher with PostgreSQL 14 or with instances upgraded from PostgreSQL 14 or a prior version because the creation permission on the public schema is granted by default. The problem is resolved in PostgreSQL Anonymizer 3.0.1 and further versions"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-11T17:48:03.805Z",
"orgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"shortName": "PostgreSQL"
},
"references": [
{
"url": "https://gitlab.com/dalibo/postgresql_anonymizer/-/blob/latest/NEWS.md"
},
{
"url": "https://gitlab.com/dalibo/postgresql_anonymizer/-/issues/617"
}
],
"title": "Improper search_path protection in PostgreSQL Anonymizer 2.5 allows any user with create privilege to gain superuser privileges",
"workarounds": [
{
"lang": "en",
"value": "Drop the anon.get_tablesample_ratio function. It is obsolete."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"assignerShortName": "PostgreSQL",
"cveId": "CVE-2026-2361",
"datePublished": "2026-02-11T17:48:03.805Z",
"dateReserved": "2026-02-11T17:11:41.858Z",
"dateUpdated": "2026-02-11T18:24:03.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2360 (GCVE-0-2026-2360)
Vulnerability from cvelistv5 – Published: 2026-02-11 17:47 – Updated: 2026-02-11 18:29
VLAI?
Title
Improper search_path protection in PostgreSQL Anonymizer 2.5 allows any user to gain superuser privileges in PostgreSQL 14
Summary
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a custom operator in the public schema and place malicious code in that operator. This operator will later be executed with superuser privileges when the extension is created. The risk is higher with PostgreSQL 14 or with instances upgraded from PostgreSQL 14 or a prior version. With PostgreSQL 15 and later, the creation permission on the public schema is revoked by default and this exploit can only be achieved if a superuser adds a new schema in her/his own search_path and grants the CREATE privilege on that schema to untrusted users, both actions being clearly discouraged by the PostgreSQL documentation. The problem is resolved in PostgreSQL Anonymizer 3.0.1 and further versions
Severity ?
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| DALIBO | PostgreSQL Anonymizer |
Affected:
1 , < 3.0.1
(rpm)
|
Credits
The PostgreSQL Anonymizer project thanks Daniel Bakker for reporting this problem.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2360",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-11T18:26:16.656159Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-11T18:29:12.805Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PostgreSQL Anonymizer",
"vendor": "DALIBO",
"versions": [
{
"lessThan": "3.0.1",
"status": "affected",
"version": "1",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "The PostgreSQL Anonymizer project thanks Daniel Bakker for reporting this problem."
}
],
"descriptions": [
{
"lang": "en",
"value": "PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a custom operator in the public schema and place malicious code in that operator. This operator will later be executed with superuser privileges when the extension is created. The risk is higher with PostgreSQL 14 or with instances upgraded from PostgreSQL 14 or a prior version. With PostgreSQL 15 and later, the creation permission on the public schema is revoked by default and this exploit can only be achieved if a superuser adds a new schema in her/his own search_path and grants the CREATE privilege on that schema to untrusted users, both actions being clearly discouraged by the PostgreSQL documentation. The problem is resolved in PostgreSQL Anonymizer 3.0.1 and further versions"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-11T17:47:55.737Z",
"orgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"shortName": "PostgreSQL"
},
"references": [
{
"url": "https://gitlab.com/dalibo/postgresql_anonymizer/-/blob/latest/NEWS.md"
},
{
"url": "https://gitlab.com/dalibo/postgresql_anonymizer/-/issues/616"
},
{
"url": "https://www.postgresql.org/docs/current/ddl-schemas.html#DDL-SCHEMAS-PATH"
}
],
"title": "Improper search_path protection in PostgreSQL Anonymizer 2.5 allows any user to gain superuser privileges in PostgreSQL 14",
"workarounds": [
{
"lang": "en",
"value": "Do not allow users to create new objects in the public schema by running the following command in all of your databases: REVOKE CREATE ON SCHEMA public FROM PUBLIC;"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"assignerShortName": "PostgreSQL",
"cveId": "CVE-2026-2360",
"datePublished": "2026-02-11T17:47:55.737Z",
"dateReserved": "2026-02-11T17:11:41.119Z",
"dateUpdated": "2026-02-11T18:29:12.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-5690 (GCVE-0-2025-5690)
Vulnerability from cvelistv5 – Published: 2025-06-04 21:34 – Updated: 2025-06-05 18:10
VLAI?
Title
Cursor allows PostgreSQL Anonymizer masked user to gain unauthorized access to authentic data
Summary
PostgreSQL Anonymizer v2.0 and v2.1 contain a vulnerability that allows a masked user to bypass the masking rules defined on a table and read the original data using a database cursor or the --insert option of pg_dump. This problem occurs only when dynamic masking is enabled, which is not the default setting. The problem is resolved in version 2.2.1
Severity ?
6.5 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| DALIBO | PostgreSQL Anonymizer |
Affected:
1 , < 2.2.1
(rpm)
|
Credits
The PostgreSQL Anonymizer project thanks Jukka Heiskanen for reporting this problem.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5690",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-05T18:09:40.493423Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-05T18:10:03.492Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PostgreSQL Anonymizer",
"vendor": "DALIBO",
"versions": [
{
"lessThan": "2.2.1",
"status": "affected",
"version": "1",
"versionType": "rpm"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "Dynamic masking must be enabled"
}
],
"credits": [
{
"lang": "en",
"value": "The PostgreSQL Anonymizer project thanks Jukka Heiskanen for reporting this problem."
}
],
"descriptions": [
{
"lang": "en",
"value": "PostgreSQL Anonymizer v2.0 and v2.1 contain a vulnerability that allows a masked user to bypass the masking rules defined on a table and read the original data using a database cursor or the --insert option of pg_dump. This problem occurs only when dynamic masking is enabled, which is not the default setting. The problem is resolved in version 2.2.1"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T21:34:47.358Z",
"orgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"shortName": "PostgreSQL"
},
"references": [
{
"url": "https://gitlab.com/dalibo/postgresql_anonymizer/-/issues/531"
}
],
"title": "Cursor allows PostgreSQL Anonymizer masked user to gain unauthorized access to authentic data",
"workarounds": [
{
"lang": "en",
"value": "Disable dynamic masking"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"assignerShortName": "PostgreSQL",
"cveId": "CVE-2025-5690",
"datePublished": "2025-06-04T21:34:47.358Z",
"dateReserved": "2025-06-04T18:41:30.661Z",
"dateUpdated": "2025-06-05T18:10:03.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2339 (GCVE-0-2024-2339)
Vulnerability from cvelistv5 – Published: 2024-03-08 20:07 – Updated: 2024-08-02 19:53
VLAI?
Title
Improper Input Validation in PostgreSQL Anonymizer 1.2 allows table owner to gain superuser privileges via masking rule
Summary
PostgreSQL Anonymizer v1.2 contains a vulnerability that allows a user who owns a table to elevate to superuser. A user can define a masking function for a column and place malicious code in that function. When a privileged user applies the masking rules using the static masking or the anonymous dump method, the malicious code is executed and can grant escalated privileges to the malicious user. PostgreSQL Anonymizer v1.2 does provide a protection against this risk with the restrict_to_trusted_schemas option, but that protection is incomplete. Users that don't own a table, especially masked users cannot exploit this vulnerability. The problem is resolved in v1.3.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| DALIBO | PostgreSQL Anonymizer |
Affected:
1 , < 1.3.0
(rpm)
|
Credits
The PostgreSQL Anonymizer project thanks Pedro Gallegos for reporting this problem.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:11:53.328Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.com/dalibo/postgresql_anonymizer/-/commit/e517b38e62e50871b04011598e73a7308bdae9d9"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dalibo:postgresql_anonymizer:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "postgresql_anonymizer",
"vendor": "dalibo",
"versions": [
{
"lessThan": "1.3.0",
"status": "affected",
"version": "1",
"versionType": "rpm"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2339",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-02T19:52:46.930699Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-02T19:53:36.167Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PostgreSQL Anonymizer",
"vendor": "DALIBO",
"versions": [
{
"lessThan": "1.3.0",
"status": "affected",
"version": "1",
"versionType": "rpm"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "A user that own a table also has the CREATE permission"
}
],
"credits": [
{
"lang": "en",
"value": "The PostgreSQL Anonymizer project thanks Pedro Gallegos for reporting this problem."
}
],
"descriptions": [
{
"lang": "en",
"value": "PostgreSQL Anonymizer v1.2 contains a vulnerability that allows a user who owns a table to elevate to superuser. A user can define a masking function for a column and place malicious code in that function. When a privileged user applies the masking rules using the static masking or the anonymous dump method, the malicious code is executed and can grant escalated privileges to the malicious user. PostgreSQL Anonymizer v1.2 does provide a protection against this risk with the restrict_to_trusted_schemas option, but that protection is incomplete. Users that don\u0027t own a table, especially masked users cannot exploit this vulnerability. The problem is resolved in v1.3."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-08T20:07:14.838Z",
"orgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"shortName": "PostgreSQL"
},
"references": [
{
"url": "https://gitlab.com/dalibo/postgresql_anonymizer/-/commit/e517b38e62e50871b04011598e73a7308bdae9d9"
}
],
"title": "Improper Input Validation in PostgreSQL Anonymizer 1.2 allows table owner to gain superuser privileges via masking rule",
"workarounds": [
{
"lang": "en",
"value": "Revoke the CREATE permission to non-superusers"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"assignerShortName": "PostgreSQL",
"cveId": "CVE-2024-2339",
"datePublished": "2024-03-08T20:07:14.838Z",
"dateReserved": "2024-03-08T19:53:56.153Z",
"dateUpdated": "2024-08-02T19:53:36.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2338 (GCVE-0-2024-2338)
Vulnerability from cvelistv5 – Published: 2024-03-08 20:07 – Updated: 2024-08-01 19:11
VLAI?
Title
SQL Injection in PostgreSQL Anonymizer 1.2 allows table owner to gain superuser privileges via masking rule
Summary
PostgreSQL Anonymizer v1.2 contains a SQL injection vulnerability that allows a user who owns a table to elevate to superuser when dynamic masking is enabled. PostgreSQL Anonymizer enables users to set security labels on tables to mask specified columns. There is a flaw that allows complex expressions to be provided as a value. This expression is then later used as it to create the masked views leading to SQL Injection. If dynamic masking is enabled, this will lead to privilege escalation to superuser after the label is created. Users that don't own a table, especially masked users cannot exploit this vulnerability. The problem is resolved in v1.3.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| DALIBO | PostgreSQL Anonymizer |
Affected:
1 , < 1.3.0
(rpm)
|
Credits
The PostgreSQL Anonymizer project thanks Pedro Gallegos for reporting this problem.
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dalibo:postgresql_anonymizer:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "postgresql_anonymizer",
"vendor": "dalibo",
"versions": [
{
"lessThan": "1.3.0",
"status": "affected",
"version": "1",
"versionType": "rpm"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2338",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-18T20:14:45.813825Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-18T20:21:48.327Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:11:53.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.com/dalibo/postgresql_anonymizer/-/commit/f55daadba3fa8226029687964aa8889d01a79778"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PostgreSQL Anonymizer",
"vendor": "DALIBO",
"versions": [
{
"lessThan": "1.3.0",
"status": "affected",
"version": "1",
"versionType": "rpm"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "Dynamic masking must be enabled"
}
],
"credits": [
{
"lang": "en",
"value": "The PostgreSQL Anonymizer project thanks Pedro Gallegos for reporting this problem."
}
],
"descriptions": [
{
"lang": "en",
"value": "PostgreSQL Anonymizer v1.2 contains a SQL injection vulnerability that allows a user who owns a table to elevate to superuser when dynamic masking is enabled. PostgreSQL Anonymizer enables users to set security labels on tables to mask specified columns. There is a flaw that allows complex expressions to be provided as a value. This expression is then later used as it to create the masked views leading to SQL Injection. If dynamic masking is enabled, this will lead to privilege escalation to superuser after the label is created. Users that don\u0027t own a table, especially masked users cannot exploit this vulnerability. The problem is resolved in v1.3."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-08T20:07:00.788Z",
"orgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"shortName": "PostgreSQL"
},
"references": [
{
"url": "https://gitlab.com/dalibo/postgresql_anonymizer/-/commit/f55daadba3fa8226029687964aa8889d01a79778"
}
],
"title": "SQL Injection in PostgreSQL Anonymizer 1.2 allows table owner to gain superuser privileges via masking rule",
"workarounds": [
{
"lang": "en",
"value": "Disable dynamic masking"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"assignerShortName": "PostgreSQL",
"cveId": "CVE-2024-2338",
"datePublished": "2024-03-08T20:07:00.788Z",
"dateReserved": "2024-03-08T19:53:55.525Z",
"dateUpdated": "2024-08-01T19:11:53.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}