Vulnerability-Lookup

CVE-2022-0543 (GCVE-0-2022-0543)

Vulnerability from cvelistv5 – Published: 2022-02-18 19:25 – Updated: 2025-10-21 23:15

Summary

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.

Severity ?

10 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE

Lua sandbox escape

Assigner

debian

References

URL

Tags

	https://bugs.debian.org/1005787	x_refsource_MISC
	https://www.ubercomp.com/posts/2022-01-20_redis_o…	x_refsource_MISC
	https://lists.debian.org/debian-security-announce…	mailing-listx_refsource_MLIST
	https://www.debian.org/security/2022/dsa-5081	vendor-advisoryx_refsource_DEBIAN
	https://security.netapp.com/advisory/ntap-2022033…	x_refsource_CONFIRM
	http://packetstormsecurity.com/files/166885/Redis…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Debian	redis	Affected: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:32:46.290Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/1005787"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce"
          },
          {
            "name": "[debian-security-announce] 20220218 [SECURITY] [DSA 5081-1] redis security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-security-announce/2022/msg00048.html"
          },
          {
            "name": "DSA-5081",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5081"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20220331-0004/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 10,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "CHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-0543",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-29T20:49:14.266148Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-03-28",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-0543"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-862",
                "description": "CWE-862 Missing Authorization",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:15:45.813Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-0543"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-03-28T00:00:00.000Z",
            "value": "CVE-2022-0543 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "redis",
          "vendor": "Debian",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-02-18T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Lua sandbox escape",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-27T20:06:10.000Z",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.debian.org/1005787"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce"
        },
        {
          "name": "[debian-security-announce] 20220218 [SECURITY] [DSA 5081-1] redis security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-security-announce/2022/msg00048.html"
        },
        {
          "name": "DSA-5081",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5081"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20220331-0004/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html"
        }
      ],
      "source": {
        "advisory": "DSA-5081-1",
        "discovery": "EXTERNAL"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "DATE_PUBLIC": "2022-02-18T00:00:00.000Z",
          "ID": "CVE-2022-0543",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "redis",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Debian"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Lua sandbox escape"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.debian.org/1005787",
              "refsource": "MISC",
              "url": "https://bugs.debian.org/1005787"
            },
            {
              "name": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce",
              "refsource": "MISC",
              "url": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce"
            },
            {
              "name": "[debian-security-announce] 20220218 [SECURITY] [DSA 5081-1] redis security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-security-announce/2022/msg00048.html"
            },
            {
              "name": "DSA-5081",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2022/dsa-5081"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20220331-0004/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20220331-0004/"
            },
            {
              "name": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html"
            }
          ]
        },
        "source": {
          "advisory": "DSA-5081-1",
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2022-0543",
    "datePublished": "2022-02-18T19:25:16.932Z",
    "dateReserved": "2022-02-08T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:15:45.813Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2022-0543",
      "cwes": "[\"CWE-862\"]",
      "dateAdded": "2022-03-28",
      "dueDate": "2022-04-18",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2022-0543",
      "product": "Debian-specific Redis Servers",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Redis is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.",
      "vendorProject": "Redis",
      "vulnerabilityName": "Debian-specific Redis Server Lua Sandbox Escape Vulnerability"
    },
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://bugs.debian.org/1005787\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-security-announce/2022/msg00048.html\", \"name\": \"[debian-security-announce] 20220218 [SECURITY] [DSA 5081-1] redis security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5081\", \"name\": \"DSA-5081\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220331-0004/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T23:32:46.290Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 10.0, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-0543\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-29T20:49:14.266148Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-03-28\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-0543\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-03-28T00:00:00+00:00\", \"value\": \"CVE-2022-0543 added to CISA KEV\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-862\", \"description\": \"CWE-862 Missing Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-29T20:48:50.868Z\"}}], \"cna\": {\"source\": {\"advisory\": \"DSA-5081-1\", \"discovery\": \"EXTERNAL\"}, \"affected\": [{\"vendor\": \"Debian\", \"product\": \"redis\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2022-02-18T00:00:00.000Z\", \"references\": [{\"url\": \"https://bugs.debian.org/1005787\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://lists.debian.org/debian-security-announce/2022/msg00048.html\", \"name\": \"[debian-security-announce] 20220218 [SECURITY] [DSA 5081-1] redis security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5081\", \"name\": \"DSA-5081\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220331-0004/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Lua sandbox escape\"}]}], \"providerMetadata\": {\"orgId\": \"79363d38-fa19-49d1-9214-5f28da3f3ac5\", \"shortName\": \"debian\", \"dateUpdated\": \"2022-04-27T20:06:10.000Z\"}, \"x_legacyV4Record\": {\"source\": {\"advisory\": \"DSA-5081-1\", \"discovery\": \"EXTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"redis\"}]}, \"vendor_name\": \"Debian\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://bugs.debian.org/1005787\", \"name\": \"https://bugs.debian.org/1005787\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce\", \"name\": \"https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce\", \"refsource\": \"MISC\"}, {\"url\": \"https://lists.debian.org/debian-security-announce/2022/msg00048.html\", \"name\": \"[debian-security-announce] 20220218 [SECURITY] [DSA 5081-1] redis security update\", \"refsource\": \"MLIST\"}, {\"url\": \"https://www.debian.org/security/2022/dsa-5081\", \"name\": \"DSA-5081\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220331-0004/\", \"name\": \"https://security.netapp.com/advisory/ntap-20220331-0004/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html\", \"name\": \"http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Lua sandbox escape\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-0543\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"security@debian.org\", \"DATE_PUBLIC\": \"2022-02-18T00:00:00.000Z\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-0543\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T18:47:03.237Z\", \"dateReserved\": \"2022-02-08T00:00:00.000Z\", \"assignerOrgId\": \"79363d38-fa19-49d1-9214-5f28da3f3ac5\", \"datePublished\": \"2022-02-18T19:25:16.932Z\", \"assignerShortName\": \"debian\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2022-0543

Vulnerability from fkie_nvd - Published: 2022-02-18 20:15 - Updated: 2025-11-10 14:44

Severity ?

10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Summary

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.

References

URL	Tags
security@debian.org	http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html	Exploit, Third Party Advisory, VDB Entry
security@debian.org	https://bugs.debian.org/1005787	Issue Tracking, Patch, Third Party Advisory
security@debian.org	https://lists.debian.org/debian-security-announce/2022/msg00048.html	Mailing List, Third Party Advisory
security@debian.org	https://security.netapp.com/advisory/ntap-20220331-0004/	Third Party Advisory
security@debian.org	https://www.debian.org/security/2022/dsa-5081	Mailing List, Third Party Advisory
security@debian.org	https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://bugs.debian.org/1005787	Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-security-announce/2022/msg00048.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20220331-0004/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2022/dsa-5081	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce	Third Party Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-0543	US Government Resource

Impacted products

Vendor	Product	Version
redis	redis	-
canonical	ubuntu_linux	20.04
canonical	ubuntu_linux	21.10
debian	debian_linux	9.0
debian	debian_linux	10.0
debian	debian_linux	11.0

JSON

To clipboard

{
  "cisaActionDue": "2022-04-18",
  "cisaExploitAdd": "2022-03-28",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Debian-specific Redis Server Lua Sandbox Escape Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redis:redis:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EBE5E1C-C881-4A76-9E36-4FB7C48427E6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:-:*:*:*",
              "matchCriteriaId": "3D94DA3B-FA74-4526-A0A0-A872684598C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution."
    },
    {
      "lang": "es",
      "value": "Se ha detectado que redis, una base de datos persistente de valores clave, debido a un problema de empaquetado, es propenso a un escape del sandbox de Lua (espec\u00edfico de Debian), que podr\u00eda resultar en una ejecuci\u00f3n de c\u00f3digo remota"
    }
  ],
  "id": "CVE-2022-0543",
  "lastModified": "2025-11-10T14:44:23.620",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 10.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 10.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.0,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2022-02-18T20:15:17.583",
  "references": [
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugs.debian.org/1005787"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-security-announce/2022/msg00048.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20220331-0004/"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2022/dsa-5081"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugs.debian.org/1005787"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-security-announce/2022/msg00048.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20220331-0004/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2022/dsa-5081"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-0543"
    }
  ],
  "sourceIdentifier": "security@debian.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-862"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-862"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

CERTFR-2023-AVI-1014

Vulnerability from certfr_avis - Published: 2023-12-12 - Updated: 2023-12-12

De multiples vulnérabilités ont été découvertes dans les produits Schneider Electric. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Schneider Electric	N/A	Schneider Electric Trio J-Series Ethernet Data Radio toutes versions
Schneider Electric	N/A	Schneider Electric Trio Q-Series Ethernet Data Radio toutes versions
Schneider Electric	N/A	Schneider Electric Trio E-Series Ethernet Data Radio toutes versions
Schneider Electric	N/A	Schneider Electric Easy UPS Online Monitoring versions antérieures à 2.6-GA-01-23248 pour Windows 10, 11, Windows Server 2016, 2019 et 2022
Schneider Electric	N/A	Plant iT/Brewmaxx versions supérieures ou égales à v9.60 sans le dernier correctif de sécurité disponible via ProLeiT Support

References

Title

Publication Time

Tags

Bulletin de sécurité Schneider SEVD-2023-346-02	2023-12-12	vendor-advisory
Bulletin de sécurité Schneider SEVD-2023-346-03	2023-11-14	vendor-advisory
Bulletin de sécurité Schneider SEVD-2023-346-01	2023-12-12	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Schneider Electric Trio J-Series Ethernet Data Radio toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Schneider Electric Trio Q-Series Ethernet Data Radio toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Schneider Electric Trio E-Series Ethernet Data Radio toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Schneider Electric Easy UPS Online Monitoring versions ant\u00e9rieures \u00e0 2.6-GA-01-23248 pour Windows 10, 11, Windows Server 2016, 2019 et 2022",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Plant iT/Brewmaxx versions sup\u00e9rieures ou \u00e9gales \u00e0 v9.60 sans le dernier correctif de s\u00e9curit\u00e9 disponible via ProLeiT Support",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-0543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0543"
    },
    {
      "name": "CVE-2023-5629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5629"
    },
    {
      "name": "CVE-2023-6407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6407"
    },
    {
      "name": "CVE-2023-5630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5630"
    }
  ],
  "initial_release_date": "2023-12-12T00:00:00",
  "last_revision_date": "2023-12-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2023-AVI-1014",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-12-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Schneider Electric. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider Electric",
  "vendor_advisories": [
    {
      "published_at": "2023-12-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2023-346-02",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-346-03\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-346-03.pdf"
    },
    {
      "published_at": "2023-11-14",
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2023-346-03",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-346-02\u0026Sp_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-346-02.pdf"
    },
    {
      "published_at": "2023-12-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2023-346-01",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-346-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-346-01.pdf"
    }
  ]
}

CERTFR-2025-AVI-0524

Vulnerability from certfr_avis - Published: 2025-06-19 - Updated: 2025-06-19

De multiples vulnérabilités ont été découvertes dans VMware Tanzu. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	Tanzu Greenplum	Tanzu Greenplum Data Copy Utility versions antérieures à 2.8.0
VMware	Tanzu	Tanzu Data Lake versions antérieures à 1.1.0
VMware	Tanzu	Tanzu pour Postgres sur Kubernetes versions antérieures à 4.1.0 et 4.2.0
VMware	Tanzu Greenplum	Tanzu Greenplum Command Center versions antérieures à 6.14.0 et 7.4.0
VMware	Tanzu Greenplum	Tanzu Greenplum Backup and Restore versions antérieures à 1.31.1
VMware	Tanzu Greenplum	Tanzu Greenplum Streaming Server versions antérieures à 2.1.0
VMware	Tanzu Greenplum	Tanzu Greenplum versions 6.x antérieures à 6.29.1
VMware	Tanzu Greenplum	Tanzu Greenplum versions 7.x antérieures à 7.5.0
VMware	Tanzu	VMware Tanzu pour Valkey sur Kubernetes versions antérieures à 1.1.0 et 2.0.0

References

Title

Publication Time

Tags

Bulletin de sécurité VMware 35841	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35844	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35843	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35842	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35846	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35849	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35840	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35847	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35839	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35845	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35848	2025-06-18	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Tanzu Greenplum Data Copy Utility  versions ant\u00e9rieures \u00e0  2.8.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Data Lake versions ant\u00e9rieures \u00e0 1.1.0",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu pour Postgres sur Kubernetes  versions ant\u00e9rieures \u00e0 4.1.0 et 4.2.0",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum Command Center  versions ant\u00e9rieures \u00e0  6.14.0 et 7.4.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum Backup and Restore  versions ant\u00e9rieures \u00e0  1.31.1",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum Streaming Server  versions ant\u00e9rieures \u00e0  2.1.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum  versions 6.x ant\u00e9rieures \u00e0  6.29.1",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum  versions 7.x ant\u00e9rieures \u00e0  7.5.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Tanzu pour Valkey sur Kubernetes  versions ant\u00e9rieures \u00e0 1.1.0 et 2.0.0",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2019-2126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2126"
    },
    {
      "name": "CVE-2020-11023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
    },
    {
      "name": "CVE-2019-12900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
    },
    {
      "name": "CVE-2022-30633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
    },
    {
      "name": "CVE-2022-1705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
    },
    {
      "name": "CVE-2022-27664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
    },
    {
      "name": "CVE-2022-28131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
    },
    {
      "name": "CVE-2022-32148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
    },
    {
      "name": "CVE-2022-32189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
    },
    {
      "name": "CVE-2022-1962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
    },
    {
      "name": "CVE-2022-30635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
    },
    {
      "name": "CVE-2022-30631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
    },
    {
      "name": "CVE-2022-30632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
    },
    {
      "name": "CVE-2022-30630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
    },
    {
      "name": "CVE-2022-29526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
    },
    {
      "name": "CVE-2021-45943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45943"
    },
    {
      "name": "CVE-2021-34141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34141"
    },
    {
      "name": "CVE-2022-1941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1941"
    },
    {
      "name": "CVE-2022-1271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
    },
    {
      "name": "CVE-2022-41862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41862"
    },
    {
      "name": "CVE-2022-41717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
    },
    {
      "name": "CVE-2023-0464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
    },
    {
      "name": "CVE-2022-2879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
    },
    {
      "name": "CVE-2022-41715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
    },
    {
      "name": "CVE-2022-2880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
    },
    {
      "name": "CVE-2023-0466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
    },
    {
      "name": "CVE-2023-0465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
    },
    {
      "name": "CVE-2022-30629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
    },
    {
      "name": "CVE-2022-41723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
    },
    {
      "name": "CVE-2022-30580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
    },
    {
      "name": "CVE-2022-40898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40898"
    },
    {
      "name": "CVE-2022-41725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
    },
    {
      "name": "CVE-2022-41724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
    },
    {
      "name": "CVE-2023-24532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
    },
    {
      "name": "CVE-2023-24537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
    },
    {
      "name": "CVE-2023-2455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2455"
    },
    {
      "name": "CVE-2023-2650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
    },
    {
      "name": "CVE-2023-24536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
    },
    {
      "name": "CVE-2023-24538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
    },
    {
      "name": "CVE-2023-1255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
    },
    {
      "name": "CVE-2023-24540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
    },
    {
      "name": "CVE-2023-29400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
    },
    {
      "name": "CVE-2023-24539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
    },
    {
      "name": "CVE-2023-2975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
    },
    {
      "name": "CVE-2023-3446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
    },
    {
      "name": "CVE-2023-3817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
    },
    {
      "name": "CVE-2023-29404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
    },
    {
      "name": "CVE-2023-29402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
    },
    {
      "name": "CVE-2023-29403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
    },
    {
      "name": "CVE-2023-29405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
    },
    {
      "name": "CVE-2023-37920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
    },
    {
      "name": "CVE-2023-29409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
    },
    {
      "name": "CVE-2023-29406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
    },
    {
      "name": "CVE-2023-32681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2023-5363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
    },
    {
      "name": "CVE-2023-4807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
    },
    {
      "name": "CVE-2023-4752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4752"
    },
    {
      "name": "CVE-2023-45853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
    },
    {
      "name": "CVE-2023-5678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
    },
    {
      "name": "CVE-2023-5870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5870"
    },
    {
      "name": "CVE-2022-0543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0543"
    },
    {
      "name": "CVE-2023-4039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
    },
    {
      "name": "CVE-2021-46848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
    },
    {
      "name": "CVE-2023-4016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
    },
    {
      "name": "CVE-2023-29383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
    },
    {
      "name": "CVE-2023-6237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
    },
    {
      "name": "CVE-2023-39323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
    },
    {
      "name": "CVE-2023-31484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
    },
    {
      "name": "CVE-2023-24534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
    },
    {
      "name": "CVE-2023-6129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
    },
    {
      "name": "CVE-2023-39318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
    },
    {
      "name": "CVE-2023-39319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
    },
    {
      "name": "CVE-2024-0727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
    },
    {
      "name": "CVE-2024-1580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1580"
    },
    {
      "name": "CVE-2016-2781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
    },
    {
      "name": "CVE-2023-39326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
    },
    {
      "name": "CVE-2023-45285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
    },
    {
      "name": "CVE-2023-45288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
    },
    {
      "name": "CVE-2024-4603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
    },
    {
      "name": "CVE-2023-45289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
    },
    {
      "name": "CVE-2023-45290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
    },
    {
      "name": "CVE-2024-24783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
    },
    {
      "name": "CVE-2024-24784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
    },
    {
      "name": "CVE-2024-24785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
    },
    {
      "name": "CVE-2024-4741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
    },
    {
      "name": "CVE-2024-23807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23807"
    },
    {
      "name": "CVE-2024-5535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
    },
    {
      "name": "CVE-2023-5752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
    },
    {
      "name": "CVE-2024-3651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
    },
    {
      "name": "CVE-2024-3596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
    },
    {
      "name": "CVE-2024-26458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
    },
    {
      "name": "CVE-2024-26461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
    },
    {
      "name": "CVE-2024-35195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
    },
    {
      "name": "CVE-2023-4641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
    },
    {
      "name": "CVE-2024-22365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
    },
    {
      "name": "CVE-2024-22667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22667"
    },
    {
      "name": "CVE-2023-6228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
    },
    {
      "name": "CVE-2023-45287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
    },
    {
      "name": "CVE-2024-24787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
    },
    {
      "name": "CVE-2024-24788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
    },
    {
      "name": "CVE-2024-7348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7348"
    },
    {
      "name": "CVE-2023-7008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
    },
    {
      "name": "CVE-2024-6119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
    },
    {
      "name": "CVE-2024-24789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
    },
    {
      "name": "CVE-2024-34155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
    },
    {
      "name": "CVE-2024-34156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
    },
    {
      "name": "CVE-2024-34158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
    },
    {
      "name": "CVE-2024-24790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
    },
    {
      "name": "CVE-2024-9143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
    },
    {
      "name": "CVE-2022-48468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48468"
    },
    {
      "name": "CVE-2023-48161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48161"
    },
    {
      "name": "CVE-2024-11168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
    },
    {
      "name": "CVE-2024-10976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10976"
    },
    {
      "name": "CVE-2024-10977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10977"
    },
    {
      "name": "CVE-2024-10978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10978"
    },
    {
      "name": "CVE-2024-10979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10979"
    },
    {
      "name": "CVE-2024-10041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
    },
    {
      "name": "CVE-2024-10963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
    },
    {
      "name": "CVE-2025-21490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21490"
    },
    {
      "name": "CVE-2025-21491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21491"
    },
    {
      "name": "CVE-2025-21497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21497"
    },
    {
      "name": "CVE-2025-21500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21500"
    },
    {
      "name": "CVE-2025-21501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21501"
    },
    {
      "name": "CVE-2025-21503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21503"
    },
    {
      "name": "CVE-2025-21505",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21505"
    },
    {
      "name": "CVE-2025-21519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21519"
    },
    {
      "name": "CVE-2025-21522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21522"
    },
    {
      "name": "CVE-2025-21523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21523"
    },
    {
      "name": "CVE-2025-21529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21529"
    },
    {
      "name": "CVE-2025-21540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21540"
    },
    {
      "name": "CVE-2025-21546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21546"
    },
    {
      "name": "CVE-2025-21555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21555"
    },
    {
      "name": "CVE-2025-21559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21559"
    },
    {
      "name": "CVE-2025-0938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
    },
    {
      "name": "CVE-2025-0167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
    },
    {
      "name": "CVE-2024-12797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
    },
    {
      "name": "CVE-2024-13176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
    },
    {
      "name": "CVE-2025-1094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
    },
    {
      "name": "CVE-2022-49043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
    },
    {
      "name": "CVE-2024-51744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
    },
    {
      "name": "CVE-2024-24791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
    },
    {
      "name": "CVE-2023-24531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
    },
    {
      "name": "CVE-2024-45336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
    },
    {
      "name": "CVE-2024-45341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
    },
    {
      "name": "CVE-2025-22866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
    },
    {
      "name": "CVE-2025-22870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
    },
    {
      "name": "CVE-2024-56171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
    },
    {
      "name": "CVE-2022-42967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42967"
    },
    {
      "name": "CVE-2024-8176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
    },
    {
      "name": "CVE-2025-24928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
    },
    {
      "name": "CVE-2025-22871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
    },
    {
      "name": "CVE-2025-22235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
    },
    {
      "name": "CVE-2025-31650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31650"
    },
    {
      "name": "CVE-2025-31651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
    },
    {
      "name": "CVE-2025-30204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
    },
    {
      "name": "CVE-2025-27363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
    },
    {
      "name": "CVE-2025-22233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
    },
    {
      "name": "CVE-2024-55549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
    },
    {
      "name": "CVE-2024-9287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
    },
    {
      "name": "CVE-2025-22869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
    },
    {
      "name": "CVE-2025-46701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
    },
    {
      "name": "CVE-2024-12133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
    },
    {
      "name": "CVE-2024-12243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
    },
    {
      "name": "CVE-2024-2236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
    },
    {
      "name": "CVE-2025-0395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
    },
    {
      "name": "CVE-2025-1390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
    },
    {
      "name": "CVE-2025-31115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
    },
    {
      "name": "CVE-2012-0880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0880"
    },
    {
      "name": "CVE-2017-17507",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-17507"
    },
    {
      "name": "CVE-2017-8806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8806"
    },
    {
      "name": "CVE-2018-10126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-10126"
    },
    {
      "name": "CVE-2018-11205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-11205"
    },
    {
      "name": "CVE-2018-13866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13866"
    },
    {
      "name": "CVE-2018-13867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13867"
    },
    {
      "name": "CVE-2018-13868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13868"
    },
    {
      "name": "CVE-2018-13869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13869"
    },
    {
      "name": "CVE-2018-13870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13870"
    },
    {
      "name": "CVE-2018-13871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13871"
    },
    {
      "name": "CVE-2018-13872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13872"
    },
    {
      "name": "CVE-2018-13874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13874"
    },
    {
      "name": "CVE-2018-13875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13875"
    },
    {
      "name": "CVE-2018-13876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13876"
    },
    {
      "name": "CVE-2018-14031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14031"
    },
    {
      "name": "CVE-2018-14033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14033"
    },
    {
      "name": "CVE-2018-14034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14034"
    },
    {
      "name": "CVE-2018-14035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14035"
    },
    {
      "name": "CVE-2018-14460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14460"
    },
    {
      "name": "CVE-2018-15671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-15671"
    },
    {
      "name": "CVE-2018-16438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16438"
    },
    {
      "name": "CVE-2018-17432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17432"
    },
    {
      "name": "CVE-2018-17433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17433"
    },
    {
      "name": "CVE-2018-17434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17434"
    },
    {
      "name": "CVE-2018-17435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17435"
    },
    {
      "name": "CVE-2018-17436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17436"
    },
    {
      "name": "CVE-2018-17437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17437"
    },
    {
      "name": "CVE-2018-17438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17438"
    },
    {
      "name": "CVE-2018-17439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17439"
    },
    {
      "name": "CVE-2019-20005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20005"
    },
    {
      "name": "CVE-2019-20006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20006"
    },
    {
      "name": "CVE-2019-20007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20007"
    },
    {
      "name": "CVE-2019-20198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20198"
    },
    {
      "name": "CVE-2019-20199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20199"
    },
    {
      "name": "CVE-2019-20200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20200"
    },
    {
      "name": "CVE-2019-20201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20201"
    },
    {
      "name": "CVE-2019-20202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20202"
    },
    {
      "name": "CVE-2019-6988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6988"
    },
    {
      "name": "CVE-2019-8396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8396"
    },
    {
      "name": "CVE-2019-8397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8397"
    },
    {
      "name": "CVE-2019-8398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8398"
    },
    {
      "name": "CVE-2019-9151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9151"
    },
    {
      "name": "CVE-2019-9152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9152"
    },
    {
      "name": "CVE-2020-10809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10809"
    },
    {
      "name": "CVE-2020-10810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10810"
    },
    {
      "name": "CVE-2020-10811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10811"
    },
    {
      "name": "CVE-2020-10812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10812"
    },
    {
      "name": "CVE-2020-18232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-18232"
    },
    {
      "name": "CVE-2020-18494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-18494"
    },
    {
      "name": "CVE-2021-26220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-26220"
    },
    {
      "name": "CVE-2021-26221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-26221"
    },
    {
      "name": "CVE-2021-26222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-26222"
    },
    {
      "name": "CVE-2021-30485",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30485"
    },
    {
      "name": "CVE-2021-31229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31229"
    },
    {
      "name": "CVE-2021-31347",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31347"
    },
    {
      "name": "CVE-2021-31348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31348"
    },
    {
      "name": "CVE-2021-31598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31598"
    },
    {
      "name": "CVE-2021-33430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33430"
    },
    {
      "name": "CVE-2021-37501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37501"
    },
    {
      "name": "CVE-2021-45829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45829"
    },
    {
      "name": "CVE-2021-45830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45830"
    },
    {
      "name": "CVE-2021-45832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45832"
    },
    {
      "name": "CVE-2021-45833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45833"
    },
    {
      "name": "CVE-2021-46242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46242"
    },
    {
      "name": "CVE-2021-46243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46243"
    },
    {
      "name": "CVE-2021-46244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46244"
    },
    {
      "name": "CVE-2022-25942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25942"
    },
    {
      "name": "CVE-2022-25972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25972"
    },
    {
      "name": "CVE-2022-26061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26061"
    },
    {
      "name": "CVE-2022-30045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30045"
    },
    {
      "name": "CVE-2022-4055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4055"
    },
    {
      "name": "CVE-2022-47655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47655"
    },
    {
      "name": "CVE-2023-0996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0996"
    },
    {
      "name": "CVE-2023-29659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29659"
    },
    {
      "name": "CVE-2023-32570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
    },
    {
      "name": "CVE-2023-39328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
    },
    {
      "name": "CVE-2023-39329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39329"
    },
    {
      "name": "CVE-2023-51792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
    },
    {
      "name": "CVE-2023-6879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6879"
    },
    {
      "name": "CVE-2024-27304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27304"
    },
    {
      "name": "CVE-2024-29157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29157"
    },
    {
      "name": "CVE-2024-29158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29158"
    },
    {
      "name": "CVE-2024-29159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29159"
    },
    {
      "name": "CVE-2024-29160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29160"
    },
    {
      "name": "CVE-2024-29161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29161"
    },
    {
      "name": "CVE-2024-29162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29162"
    },
    {
      "name": "CVE-2024-29163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29163"
    },
    {
      "name": "CVE-2024-29164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29164"
    },
    {
      "name": "CVE-2024-29165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29165"
    },
    {
      "name": "CVE-2024-29166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29166"
    },
    {
      "name": "CVE-2024-32605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32605"
    },
    {
      "name": "CVE-2024-32606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32606"
    },
    {
      "name": "CVE-2024-32607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32607"
    },
    {
      "name": "CVE-2024-32608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32608"
    },
    {
      "name": "CVE-2024-32609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32609"
    },
    {
      "name": "CVE-2024-32610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32610"
    },
    {
      "name": "CVE-2024-32611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32611"
    },
    {
      "name": "CVE-2024-32612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32612"
    },
    {
      "name": "CVE-2024-32613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32613"
    },
    {
      "name": "CVE-2024-32614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32614"
    },
    {
      "name": "CVE-2024-32615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32615"
    },
    {
      "name": "CVE-2024-32616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32616"
    },
    {
      "name": "CVE-2024-32617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32617"
    },
    {
      "name": "CVE-2024-32618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32618"
    },
    {
      "name": "CVE-2024-32619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32619"
    },
    {
      "name": "CVE-2024-32620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32620"
    },
    {
      "name": "CVE-2024-32621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32621"
    },
    {
      "name": "CVE-2024-32622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32622"
    },
    {
      "name": "CVE-2024-32623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32623"
    },
    {
      "name": "CVE-2024-32624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32624"
    },
    {
      "name": "CVE-2024-33873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33873"
    },
    {
      "name": "CVE-2024-33874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33874"
    },
    {
      "name": "CVE-2024-33875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33875"
    },
    {
      "name": "CVE-2024-33876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33876"
    },
    {
      "name": "CVE-2024-33877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33877"
    },
    {
      "name": "CVE-2024-34402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34402"
    },
    {
      "name": "CVE-2024-34403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34403"
    },
    {
      "name": "CVE-2024-38949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
    },
    {
      "name": "CVE-2024-38950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
    },
    {
      "name": "CVE-2024-41996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41996"
    },
    {
      "name": "CVE-2024-45993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
    },
    {
      "name": "CVE-2024-46981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46981"
    },
    {
      "name": "CVE-2024-49203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49203"
    },
    {
      "name": "CVE-2024-5171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5171"
    },
    {
      "name": "CVE-2024-51741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51741"
    },
    {
      "name": "CVE-2024-52522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52522"
    },
    {
      "name": "CVE-2024-52616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
    },
    {
      "name": "CVE-2024-53427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
    },
    {
      "name": "CVE-2024-53920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53920"
    },
    {
      "name": "CVE-2024-56378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56378"
    },
    {
      "name": "CVE-2024-56406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
    },
    {
      "name": "CVE-2024-56826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
    },
    {
      "name": "CVE-2024-56827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
    },
    {
      "name": "CVE-2024-6716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6716"
    },
    {
      "name": "CVE-2025-2153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2153"
    },
    {
      "name": "CVE-2025-22872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
    },
    {
      "name": "CVE-2025-23022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23022"
    },
    {
      "name": "CVE-2025-24528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24528"
    },
    {
      "name": "CVE-2025-4802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
    }
  ],
  "initial_release_date": "2025-06-19T00:00:00",
  "last_revision_date": "2025-06-19T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0524",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-06-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans VMware Tanzu. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware Tanzu",
  "vendor_advisories": [
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35841",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35841"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35844",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35844"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35843",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35843"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35842",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35842"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35846",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35846"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35849",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35849"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35840",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35840"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35847",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35847"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35839",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35839"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35845",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35845"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35848",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35848"
    }
  ]
}

CVE-2022-0543

Vulnerability from fstec - Published: 18.02.2022

Title

Уязвимость системы управления базами данных (СУБД) Redis операционных систем Debian GNU/Linux, связанная с неверным управлением генерацией кода, позволяющая нарушителю выполнить произвольный код

Description

Уязвимость системы управления базами данных (СУБД) Redis операционных систем Debian GNU/Linux связана с неверным управлением генерацией кода. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный код

Severity ?


                    
                      AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Vendor

Сообщество свободного программного обеспечения, Redis Labs, АО "НППКТ", АО «Концерн ВНИИНС»

Software Name

Debian GNU/Linux, Redis, ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913), ОС ОН «Стрелец» (запись в едином реестре российских программ №6177)

Software Version

10 (Debian GNU/Linux), 11 (Debian GNU/Linux), до 5.0.14 (Redis), до 2.4.3 (ОСОН ОСнова Оnyx), до 2.6 (ОСОН ОСнова Оnyx), до 16.01.2023 (ОС ОН «Стрелец»)

Possible Mitigations

Использование рекомендаций: Для redis: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005787 Для Debian GNU/Linux: https://lists.debian.org/debian-security-announce/2022/msg00048.html https://www.debian.org/security/2022/dsa-5081 Для ОСОН Основа: Обновление программного обеспечения redis до версии 5:5.0.14-1+deb10u2 Для ОСОН ОСнова Оnyx: Обновление программного обеспечения redis до версии 5:7.0.5-1 Для ОС ОН «Стрелец»: Обновление программного обеспечения redis до версии 5:6.0.16-1+deb11u2strelets

Reference

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005787 https://lists.debian.org/debian-security-announce/2022/msg00048.html https://www.debian.org/security/2022/dsa-5081 https://www.cybersecurity-help.cz/vdb/SB2022022121 https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.4.3/ https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.6/ https://blog.aquasec.com/redigo-redis-backdoor-malware https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023 http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html

CWE

CWE-94

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Redis Labs, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\", \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "10 (Debian GNU/Linux), 11 (Debian GNU/Linux), \u0434\u043e 5.0.14 (Redis), \u0434\u043e 2.4.3 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), \u0434\u043e 2.6 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f redis:\nhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005787\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://lists.debian.org/debian-security-announce/2022/msg00048.html\nhttps://www.debian.org/security/2022/dsa-5081\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0441\u043d\u043e\u0432\u0430:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f redis \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 5:5.0.14-1+deb10u2\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f redis \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 5:7.0.5-1\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f redis \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 5:6.0.16-1+deb11u2strelets",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "18.02.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "13.09.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "25.02.2022",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-00892",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-0543",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Redis, \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.6  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0430\u0437\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 (\u0421\u0423\u0411\u0414) Redis \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Debian GNU/Linux, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0432\u0435\u0440\u043d\u044b\u043c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0435\u0439 \u043a\u043e\u0434\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0432\u0435\u0440\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0435\u0439 \u043a\u043e\u0434\u0430 (\u0412\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430) (CWE-94)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0430\u0437\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 (\u0421\u0423\u0411\u0414) Redis \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Debian GNU/Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0432\u0435\u0440\u043d\u044b\u043c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0435\u0439 \u043a\u043e\u0434\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u043d\u044a\u0435\u043a\u0446\u0438\u044f",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005787\nhttps://lists.debian.org/debian-security-announce/2022/msg00048.html\nhttps://www.debian.org/security/2022/dsa-5081\nhttps://www.cybersecurity-help.cz/vdb/SB2022022121\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.4.3/\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.6/\nhttps://blog.aquasec.com/redigo-redis-backdoor-malware\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023\nhttp://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u0421\u0423\u0411\u0414, \u041f\u041e \u0434\u043b\u044f \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0418\u0418",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-94",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,6)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,1)"
}

GHSA-9WPJ-H5JQ-88P9

Vulnerability from github – Published: 2022-02-19 00:01 – Updated: 2025-10-22 00:32

Details

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.

Severity ?

10.0 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-0543"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-862"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-02-18T20:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.",
  "id": "GHSA-9wpj-h5jq-88p9",
  "modified": "2025-10-22T00:32:30Z",
  "published": "2022-02-19T00:01:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0543"
    },
    {
      "type": "WEB",
      "url": "https://bugs.debian.org/1005787"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-security-announce/2022/msg00048.html"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20220331-0004"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-0543"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2022/dsa-5081"
    },
    {
      "type": "WEB",
      "url": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2022-0543

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.

Aliases

CVE-2022-0543

Aliases

CVE-2022-0543

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-0543",
    "description": "It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.",
    "id": "GSD-2022-0543",
    "references": [
      "https://www.suse.com/security/cve/CVE-2022-0543.html",
      "https://www.debian.org/security/2022/dsa-5081",
      "https://ubuntu.com/security/CVE-2022-0543",
      "https://packetstormsecurity.com/files/cve/CVE-2022-0543"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-0543"
      ],
      "details": "It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.",
      "id": "GSD-2022-0543",
      "modified": "2023-12-13T01:19:11.635449Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2022-0543",
      "dateAdded": "2022-03-28",
      "dueDate": "2022-04-18",
      "product": "Debian-specific Redis Servers",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Redis is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.",
      "vendorProject": "Redis",
      "vulnerabilityName": "Debian-specific Redis Server Lua Sandbox Escape Vulnerability"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@debian.org",
        "DATE_PUBLIC": "2022-02-18T00:00:00.000Z",
        "ID": "CVE-2022-0543",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "redis",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Debian"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Lua sandbox escape"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://bugs.debian.org/1005787",
            "refsource": "MISC",
            "url": "https://bugs.debian.org/1005787"
          },
          {
            "name": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce",
            "refsource": "MISC",
            "url": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce"
          },
          {
            "name": "[debian-security-announce] 20220218 [SECURITY] [DSA 5081-1] redis security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-security-announce/2022/msg00048.html"
          },
          {
            "name": "DSA-5081",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2022/dsa-5081"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20220331-0004/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20220331-0004/"
          },
          {
            "name": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html"
          }
        ]
      },
      "source": {
        "advisory": "DSA-5081-1",
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:redis:redis:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:-:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2022-0543"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-862"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.debian.org/1005787",
              "refsource": "MISC",
              "tags": [
                "Issue Tracking",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://bugs.debian.org/1005787"
            },
            {
              "name": "DSA-5081",
              "refsource": "DEBIAN",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2022/dsa-5081"
            },
            {
              "name": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce"
            },
            {
              "name": "[debian-security-announce] 20220218 [SECURITY] [DSA 5081-1] redis security update",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.debian.org/debian-security-announce/2022/msg00048.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20220331-0004/",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20220331-0004/"
            },
            {
              "name": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.0
        }
      },
      "lastModifiedDate": "2023-09-29T15:55Z",
      "publishedDate": "2022-02-18T20:15Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-0543 (GCVE-0-2022-0543)

FKIE_CVE-2022-0543

CERTFR-2023-AVI-1014

Solution

CERTFR-2025-AVI-0524

Solutions

CVE-2022-0543

GHSA-9WPJ-H5JQ-88P9

GSD-2022-0543

Tags

Sightings

Nomenclature