Vulnerability-Lookup

CVE-2019-10219 (GCVE-0-2019-10219)

Vulnerability from cvelistv5 – Published: 2019-11-08 14:46 – Updated: 2025-07-07 13:55

Summary

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE

CWE-79

Assigner

redhat

References

URL

Tags

	https://lists.apache.org/thread.html/r87b7e2d2298…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/r4f8b4e2541b…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/r4f92d7f7682…	mailing-listx_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2020:0164	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2020:0159	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2020:0160	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2020:0161	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2020:0445	vendor-advisoryx_refsource_REDHAT
	https://lists.apache.org/thread.html/rf9c17c3efc4…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/rd418deda6f0…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/rb8dca19a4e5…	mailing-listx_refsource_MLIST
	https://www.oracle.com/security-alerts/cpujan2022.html	x_refsource_MISC
	https://github.com/hibernate/hibernate-validator/…	patch
	https://github.com/hibernate/hibernate-validator/…	patch
	https://github.com/poc-effectiveness/PoCAdaptatio…	exploit
	https://github.com/poc-effectiveness/PoCAdaptatio…	exploit
	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2…	x_refsource_CONFIRM
	https://security.netapp.com/advisory/ntap-2022021…	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Hibernate	hibernate-validator	Affected: 6.0.0.Alpha1 , ≤ 6.0.17.Final (semver) Affected: 6.1.0.Alpha1 , ≤ 6.1.0.Alpha6 (semver) Unaffected: 6.0.18.Final , ≤ 6.0.* (semver) Unaffected: 6.1.0.Final , ≤ * (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-07-02T11:46:38.457Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56ceee"
          },
          {
            "url": "https://github.com/hibernate/hibernate-validator/commit/20d729548511ac5cff6fd459f93de137195420fe"
          },
          {
            "url": "https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Adapted/CVE-2019-10219"
          },
          {
            "url": "https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Origin/CVE-2019-10219/exploit"
          },
          {
            "name": "[accumulo-notifications] 20200108 [GitHub] [accumulo] milleruntime opened a new pull request #1469: Update hibernate-validator. Fixes CVE-2019-10219",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf%40%3Cnotifications.accumulo.apache.org%3E"
          },
          {
            "name": "[accumulo-notifications] 20200109 [GitHub] [accumulo] milleruntime closed pull request #1469: Update hibernate-validator. Fixes CVE-2019-10219",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6%40%3Cnotifications.accumulo.apache.org%3E"
          },
          {
            "name": "[accumulo-notifications] 20200109 [GitHub] [accumulo] milleruntime commented on issue #1469: Update hibernate-validator. Fixes CVE-2019-10219",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba09114897d%40%3Cnotifications.accumulo.apache.org%3E"
          },
          {
            "name": "RHSA-2020:0164",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0164"
          },
          {
            "name": "RHSA-2020:0159",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0159"
          },
          {
            "name": "RHSA-2020:0160",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0160"
          },
          {
            "name": "RHSA-2020:0161",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0161"
          },
          {
            "name": "RHSA-2020:0445",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0445"
          },
          {
            "name": "[portals-pluto-dev] 20210714 [jira] [Created] (PLUTO-791) Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a%40%3Cpluto-dev.portals.apache.org%3E"
          },
          {
            "name": "[portals-pluto-dev] 20210714 [jira] [Closed] (PLUTO-791) Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c%40%3Cpluto-dev.portals.apache.org%3E"
          },
          {
            "name": "[portals-pluto-scm] 20210714 [portals-pluto] branch master updated: PLUTO-791 Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4%40%3Cpluto-scm.portals.apache.org%3E"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20220210-0024/"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://hibernate.org/validator/",
          "defaultStatus": "unknown",
          "product": "hibernate-validator",
          "vendor": "Hibernate",
          "versions": [
            {
              "lessThanOrEqual": "6.0.17.Final",
              "status": "affected",
              "version": "6.0.0.Alpha1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.0.Alpha6",
              "status": "affected",
              "version": "6.1.0.Alpha1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.*",
              "status": "unaffected",
              "version": "6.0.18.Final",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.1.0.Final",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-07T13:55:51.360Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "[accumulo-notifications] 20200108 [GitHub] [accumulo] milleruntime opened a new pull request #1469: Update hibernate-validator. Fixes CVE-2019-10219",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf%40%3Cnotifications.accumulo.apache.org%3E"
        },
        {
          "name": "[accumulo-notifications] 20200109 [GitHub] [accumulo] milleruntime closed pull request #1469: Update hibernate-validator. Fixes CVE-2019-10219",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6%40%3Cnotifications.accumulo.apache.org%3E"
        },
        {
          "name": "[accumulo-notifications] 20200109 [GitHub] [accumulo] milleruntime commented on issue #1469: Update hibernate-validator. Fixes CVE-2019-10219",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba09114897d%40%3Cnotifications.accumulo.apache.org%3E"
        },
        {
          "name": "RHSA-2020:0164",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0164"
        },
        {
          "name": "RHSA-2020:0159",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0159"
        },
        {
          "name": "RHSA-2020:0160",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0160"
        },
        {
          "name": "RHSA-2020:0161",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0161"
        },
        {
          "name": "RHSA-2020:0445",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0445"
        },
        {
          "name": "[portals-pluto-dev] 20210714 [jira] [Created] (PLUTO-791) Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a%40%3Cpluto-dev.portals.apache.org%3E"
        },
        {
          "name": "[portals-pluto-dev] 20210714 [jira] [Closed] (PLUTO-791) Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c%40%3Cpluto-dev.portals.apache.org%3E"
        },
        {
          "name": "[portals-pluto-scm] 20210714 [portals-pluto] branch master updated: PLUTO-791 Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4%40%3Cpluto-scm.portals.apache.org%3E"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
        },
        {
          "name": "Upstream fix commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/hibernate/hibernate-validator/commit/20d729548511ac5cff6fd459f93de137195420fe"
        },
        {
          "name": "Upstream fix commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56cee"
        },
        {
          "name": "Proof of Concept",
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Adapted/CVE-2019-10219"
        },
        {
          "name": "Proof of Concept",
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Origin/CVE-2019-10219/exploit"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20220210-0024/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2019-10219",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "hibernate-validator",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Hibernate"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack."
            }
          ]
        },
        "impact": {
          "cvss": [
            [
              {
                "vectorString": "6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.0"
              }
            ]
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[accumulo-notifications] 20200108 [GitHub] [accumulo] milleruntime opened a new pull request #1469: Update hibernate-validator. Fixes CVE-2019-10219",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf@%3Cnotifications.accumulo.apache.org%3E"
            },
            {
              "name": "[accumulo-notifications] 20200109 [GitHub] [accumulo] milleruntime closed pull request #1469: Update hibernate-validator. Fixes CVE-2019-10219",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6@%3Cnotifications.accumulo.apache.org%3E"
            },
            {
              "name": "[accumulo-notifications] 20200109 [GitHub] [accumulo] milleruntime commented on issue #1469: Update hibernate-validator. Fixes CVE-2019-10219",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba09114897d@%3Cnotifications.accumulo.apache.org%3E"
            },
            {
              "name": "RHSA-2020:0164",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0164"
            },
            {
              "name": "RHSA-2020:0159",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0159"
            },
            {
              "name": "RHSA-2020:0160",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0160"
            },
            {
              "name": "RHSA-2020:0161",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0161"
            },
            {
              "name": "RHSA-2020:0445",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0445"
            },
            {
              "name": "[portals-pluto-dev] 20210714 [jira] [Created] (PLUTO-791) Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a@%3Cpluto-dev.portals.apache.org%3E"
            },
            {
              "name": "[portals-pluto-dev] 20210714 [jira] [Closed] (PLUTO-791) Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c@%3Cpluto-dev.portals.apache.org%3E"
            },
            {
              "name": "[portals-pluto-scm] 20210714 [portals-pluto] branch master updated: PLUTO-791 Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4@%3Cpluto-scm.portals.apache.org%3E"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20220210-0024/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20220210-0024/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2019-10219",
    "datePublished": "2019-11-08T14:46:03.000Z",
    "dateReserved": "2019-03-27T00:00:00.000Z",
    "dateUpdated": "2025-07-07T13:55:51.360Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GSD-2019-10219

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2019-10219

Aliases

CVE-2019-10219

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-10219",
    "description": "A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.",
    "id": "GSD-2019-10219",
    "references": [
      "https://access.redhat.com/errata/RHSA-2020:5568",
      "https://access.redhat.com/errata/RHSA-2020:4366",
      "https://access.redhat.com/errata/RHSA-2020:2321",
      "https://access.redhat.com/errata/RHSA-2020:2067",
      "https://access.redhat.com/errata/RHSA-2020:0445",
      "https://access.redhat.com/errata/RHSA-2020:0164",
      "https://access.redhat.com/errata/RHSA-2020:0161",
      "https://access.redhat.com/errata/RHSA-2020:0160",
      "https://access.redhat.com/errata/RHSA-2020:0159"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-10219"
      ],
      "details": "A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.",
      "id": "GSD-2019-10219",
      "modified": "2023-12-13T01:23:59.561483Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2019-10219",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "hibernate-validator",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Hibernate"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack."
          }
        ]
      },
      "impact": {
        "cvss": [
          [
            {
              "vectorString": "6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
              "version": "3.0"
            }
          ]
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-79"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "[accumulo-notifications] 20200108 [GitHub] [accumulo] milleruntime opened a new pull request #1469: Update hibernate-validator. Fixes CVE-2019-10219",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf@%3Cnotifications.accumulo.apache.org%3E"
          },
          {
            "name": "[accumulo-notifications] 20200109 [GitHub] [accumulo] milleruntime closed pull request #1469: Update hibernate-validator. Fixes CVE-2019-10219",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6@%3Cnotifications.accumulo.apache.org%3E"
          },
          {
            "name": "[accumulo-notifications] 20200109 [GitHub] [accumulo] milleruntime commented on issue #1469: Update hibernate-validator. Fixes CVE-2019-10219",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba09114897d@%3Cnotifications.accumulo.apache.org%3E"
          },
          {
            "name": "RHSA-2020:0164",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2020:0164"
          },
          {
            "name": "RHSA-2020:0159",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2020:0159"
          },
          {
            "name": "RHSA-2020:0160",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2020:0160"
          },
          {
            "name": "RHSA-2020:0161",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2020:0161"
          },
          {
            "name": "RHSA-2020:0445",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2020:0445"
          },
          {
            "name": "[portals-pluto-dev] 20210714 [jira] [Created] (PLUTO-791) Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a@%3Cpluto-dev.portals.apache.org%3E"
          },
          {
            "name": "[portals-pluto-dev] 20210714 [jira] [Closed] (PLUTO-791) Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c@%3Cpluto-dev.portals.apache.org%3E"
          },
          {
            "name": "[portals-pluto-scm] 20210714 [portals-pluto] branch master updated: PLUTO-791 Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4@%3Cpluto-scm.portals.apache.org%3E"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20220210-0024/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20220210-0024/"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "(,6.0.18)",
          "affected_versions": "All versions before 6.0.18",
          "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-79",
            "CWE-79",
            "CWE-937"
          ],
          "date": "2021-08-04",
          "description": "A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.",
          "fixed_versions": [
            "6.0.18"
          ],
          "identifier": "CVE-2019-10219",
          "identifiers": [
            "GHSA-m8p2-495h-ccmh",
            "CVE-2019-10219"
          ],
          "not_impacted": "All versions starting from 6.0.18",
          "package_slug": "maven/org.hibernate.validator/hibernate-validator",
          "pubdate": "2020-01-08",
          "solution": "Upgrade to version 6.0.18 or above.",
          "title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2019-10219",
            "https://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56ceee",
            "https://github.com/hibernate/hibernate-validator/commit/20d729548511ac5cff6fd459f93de137195420fe",
            "https://github.com/advisories/GHSA-m8p2-495h-ccmh"
          ],
          "uuid": "23e75a2e-49b8-47f3-968c-126b37e45c11"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:redhat:hibernate_validator:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.0.18",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:hibernate_validator:6.1.0:alpha1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:hibernate_validator:6.1.0:alpha2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:hibernate_validator:6.1.0:alpha3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:hibernate_validator:6.1.0:alpha4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:hibernate_validator:6.1.0:alpha5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:hibernate_validator:6.1.0:alpha6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:-:*:*:*:text-only:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:jboss_data_grid:-:*:*:*:text-only:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:text-only:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:fuse:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:netapp:element:-:*:*:*:*:vcenter_server:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:netapp:snapcenter_plug-in:-:*:*:*:*:vmware_vsphere:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_integration_bus:13.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:access_manager:11.1.2.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:access_manager:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database_server:12.1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database_server:12.1.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_rules_palette:10.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:managed_file_transfer:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:agile_plm:9.3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:bi_publisher:11.1.1.9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:business_intelligence:5.5.0.0.0:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database_server:19c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:fusion_middleware:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:hospitality_reporting_and_analytics:9.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "17.12",
                "versionStartIncluding": "17.7",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_point-of-sale:14.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:agile_engineering_data_management:6.2.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:agile_product_lifecycle_management_integration_pack:3.6:*:*:*:*:e-business_suite:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:argus_safety:8.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_platform:2.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:bi_publisher:5.5.0.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:commerce_platform:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "11.3.2",
                "versionStartIncluding": "11.3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:11.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_network_integrity:7.3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_operations_monitor:4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_session_border_controller:8.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_session_border_controller:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:hospitality_cruise_shipboard_property_management_system:20.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:hospitality_opera_5_property_services:5.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:hyperion_financial_management:11.1.2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_policy_administration:11.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_policy_administration:11.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_rules_palette:10.2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_rules_palette:11.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_rules_palette:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "11.3.0",
                "versionStartIncluding": "11.1.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "17.12.11",
                "versionStartIncluding": "17.12.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "19.0",
                "versionStartIncluding": "16.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_financial_integration:16.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_order_broker:19.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_price_management:15.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_price_management:16.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_service_backbone:14.1.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_service_backbone:15.0.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:sd-wan_aware:8.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:sd-wan_edge:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.3.0.6.0",
                "versionStartIncluding": "4.3.0.1.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:utilities_framework:4.4.0.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:utilities_framework:4.4.0.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:access_manager:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:airlines_data_model:12.1.1.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:airlines_data_model:12.2.0.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:application_performance_management:13.4.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:application_performance_management:13.5.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:argus_analytics:8.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:argus_analytics:8.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:argus_analytics:8.2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:argus_analytics:8.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:argus_insight:8.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:argus_insight:8.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:argus_insight:8.2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:argus_safety:8.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:argus_safety:8.2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_apis:18.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_apis:18.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_apis:18.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_apis:19.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_apis:19.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_apis:20.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_apis:21.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_digital_experience:17.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_digital_experience:21.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_enterprise_default_managment:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.4.0",
                "versionStartIncluding": "2.3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_enterprise_default_management:2.10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_enterprise_default_management:2.12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_loans_servicing:2.12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_party_management:2.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.4.1",
                "versionStartIncluding": "2.3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:big_data_spatial_and_graph:23.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_application_session_controller:3.9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_calendar_server:8.0.0.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.14.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.14.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.14.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_contacts_server:8.0.0.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_convergence:3.0.2.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_convergent_charging_controller:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "12.0.4.0.0",
                "versionStartIncluding": "12.0.1.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_data_model:11.3.2.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_data_model:11.3.2.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_data_model:11.3.2.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_data_model:12.1.0.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_data_model:12.1.2.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_design_studio:7.3.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_design_studio:7.3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_design_studio:7.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_design_studio:7.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_design_studio:7.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_diameter_signaling_route:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.5.1.0",
                "versionStartIncluding": "8.0.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "16.4",
                "versionStartIncluding": "16.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "12.0.4.0.0",
                "versionStartIncluding": "12.0.1.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_service_broker:6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database_server:21c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:documaker:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "12.6.4",
                "versionStartIncluding": "12.6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.1.1",
                "versionStartIncluding": "8.0.7",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:graalvm:20.3.4:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:graalvm:21.3.0:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:healthcare_data_repository:7.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:healthcare_data_repository:8.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:healthcare_foundation:8.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:hyperion_financial_management:11.2.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:java_se:7u321:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:java_se:8u311:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:jdk:11.0.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "9.2.6.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.4.34",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.5.24",
                "versionStartIncluding": "7.5.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.6.20",
                "versionStartIncluding": "7.6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.0.27",
                "versionStartIncluding": "8.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.0.27",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql_connectors:8.0.27:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "5.7.36",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql_server:5.7.36:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.0.27",
                "versionStartIncluding": "8.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.0.27",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "21.1.12",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_cs_sa_integration_pack:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_cs_sa_integration_pack:9.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "18.8.13",
                "versionStartIncluding": "18.8.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "19.12.12",
                "versionStartIncluding": "19.12.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "20.12.7",
                "versionStartIncluding": "20.12.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "19.12.18.0",
                "versionStartIncluding": "19.12.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "20.12.12.0",
                "versionStartIncluding": "20.12.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_portfolio_management:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "18.0.3.0",
                "versionStartIncluding": "18.0.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_portfolio_management:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "19.0.1.2",
                "versionStartIncluding": "19.0.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_portfolio_management:20.0.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_portfolio_management:20.0.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:real-time_decision_server:3.2.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:real_user_experience_insight:13.4.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:real_user_experience_insight:13.5.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_allocation:14.1.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_allocation:15.0.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_allocation:16.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_allocation:19.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_assortment_planning:16.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_eftlink:16.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_eftlink:17.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_eftlink:18.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_eftlink:19.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_eftlink:20.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_extract_transform_and_load:13.2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_financial_integration:14.1.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_financial_integration:15.0.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_integration_bus:14.1.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_integration_bus:15.0.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_integration_bus:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "16.0.3",
                "versionStartIncluding": "16.0.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_invoice_matching:15.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_invoice_matching:16.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_merchandising_system:19.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_order_management_system:19.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_predictive_application_server:14.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_predictive_application_server:14.1.3.46:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3.115:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_predictive_application_server:16.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_predictive_application_server:16.0.3.240:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_price_management:13.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_price_management:14.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_service_backbone:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "16.0.3",
                "versionStartIncluding": "16.0.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_service_backbone:19.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_size_profile_optimization:16.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:sd-wan_edge:9.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.1.32",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:agile_product_lifecycle_analytics:3.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:application_express:21.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_deposits_and_lines_of_credit_servicing:2.12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_enterprise_default_management:2.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:clinical:5.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:clinical:5.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_calendar_server:8.0.0.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.15.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_session_border_controller:8.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:demantra_demand_management:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "12.2.11",
                "versionStartIncluding": "12.2.6",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:e-business_suite:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "12.2.11",
                "versionStartIncluding": "12.2.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_communications_broker:3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:essbase:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "11.1.2.4.47",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:essbase:11.1.2.4.47:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:essbase:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "21.3",
                "versionStartIncluding": "21.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:essbase_administration_services:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "11.1.2.4.47",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:essbase_administration_services:11.1.2.4.47:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:7.3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_foreign_account_tax_compliance_act_management:8.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_foreign_account_tax_compliance_act_management:8.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_foreign_account_tax_compliance_act_management:8.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.1.1",
                "versionStartIncluding": "8.0.8",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.7:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_investor_servicing:14.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_investor_servicing:14.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "12.3.0.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "19.1.0.0.220118",
                "versionStartIncluding": "19.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "21.5.0.0.220118",
                "versionStartIncluding": "21.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:graph_server_and_client:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "21.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:health_sciences_clinical_development_analytics:4.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:health_sciences_inform_crf_submit:6.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:health_sciences_information_manager:3.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:health_sciences_information_manager:3.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:healthcare_data_repository:8.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:healthcare_foundation:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.3.0.2",
                "versionStartIncluding": "7.3.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:healthcare_foundation:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.0.2",
                "versionStartIncluding": "8.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:healthcare_foundation:8.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:healthcare_translational_research:4.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:hospitality_suite8:8.11.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:hospitality_suite8:8.12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:hospitality_suite8:8.13.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:hospitality_suite8:8.14.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:hyperion_ilearning:6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:hyperion_ilearning:6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:hyperion_infrastructure_technology:11.2.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_data_gateway:11.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_data_gateway:11.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_data_gateway:11.2.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_data_gateway:11.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_data_gateway:11.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.6.0",
                "versionStartIncluding": "5.4.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_policy_administration:11.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_policy_administration:11.2.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_policy_administration:11.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "11.3.0",
                "versionStartIncluding": "11.1.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_rules_palette:11.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:java_se:17.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:oss_support_tools:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.12.42",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_people_tools:8.57:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_people_tools:8.58:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_people_tools:8.59:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "12.2.24",
                "versionStartIncluding": "12.2.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_analytics:18.8.3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_analytics:19.12.11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_analytics:20.12.12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_data_warehouse:18.8.3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_data_warehouse:19.12.11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_data_warehouse:20.12.12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "17.12.0.0-17.12.20.0",
                "versionStartIncluding": "17.12.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "18.8.24.0",
                "versionStartIncluding": "18.8.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_professional_project_management:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "17.12.20.0",
                "versionStartIncluding": "17.12.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_professional_project_management:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "18.8.24.0",
                "versionStartIncluding": "18.8.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_professional_project_management:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "19.12.17.0",
                "versionStartIncluding": "19.12.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_professional_project_management:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "20.12.9.0",
                "versionStartIncluding": "20.12.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:rapid_planning:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "12.2.11",
                "versionStartIncluding": "12.2.6",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:rest_data_services:21.2.4:*:*:*:-:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_analytics:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "16.0.2",
                "versionStartIncluding": "16.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_customer_insights:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "16.0.2",
                "versionStartIncluding": "16.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_financial_integration:19.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_fiscal_management:14.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_integration_bus:14.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_integration_bus:19.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_integration_bus:19.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_price_management:14.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_price_management:14.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_price_management:15.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_price_management:16.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_service_backbone:14.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_service_backbone:19.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:siebel_applications:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "21.12",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:spatial_studio:21.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:thesaurus_management_system:5.2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:thesaurus_management_system:5.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:thesaurus_management_system:5.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:timesten_in-memory_database:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "11.2.2.8.27",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:timesten_in-memory_database:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "21.1.1.1.0",
                "versionStartIncluding": "21.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:zfs_storage_application_integration_engineering_software:1.3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:oracle:fujitsu_m10-1_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:oracle:fujitsu_m10-1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:oracle:fujitsu_m10-4_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:oracle:fujitsu_m10-4:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:oracle:fujitsu_m10-4s_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:oracle:fujitsu_m10-4s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:oracle:fujitsu_m12-1_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:oracle:fujitsu_m12-1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:oracle:fujitsu_m12-2_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:oracle:fujitsu_m12-2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:oracle:fujitsu_m12-2s_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:oracle:fujitsu_m12-2s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2019-10219"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Third Party Advisory"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219"
            },
            {
              "name": "[accumulo-notifications] 20200108 [GitHub] [accumulo] milleruntime opened a new pull request #1469: Update hibernate-validator. Fixes CVE-2019-10219",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf@%3Cnotifications.accumulo.apache.org%3E"
            },
            {
              "name": "[accumulo-notifications] 20200109 [GitHub] [accumulo] milleruntime closed pull request #1469: Update hibernate-validator. Fixes CVE-2019-10219",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6@%3Cnotifications.accumulo.apache.org%3E"
            },
            {
              "name": "[accumulo-notifications] 20200109 [GitHub] [accumulo] milleruntime commented on issue #1469: Update hibernate-validator. Fixes CVE-2019-10219",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba09114897d@%3Cnotifications.accumulo.apache.org%3E"
            },
            {
              "name": "RHSA-2020:0164",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2020:0164"
            },
            {
              "name": "RHSA-2020:0160",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2020:0160"
            },
            {
              "name": "RHSA-2020:0161",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2020:0161"
            },
            {
              "name": "RHSA-2020:0159",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2020:0159"
            },
            {
              "name": "RHSA-2020:0445",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2020:0445"
            },
            {
              "name": "[portals-pluto-scm] 20210714 [portals-pluto] branch master updated: PLUTO-791 Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4@%3Cpluto-scm.portals.apache.org%3E"
            },
            {
              "name": "[portals-pluto-dev] 20210714 [jira] [Closed] (PLUTO-791) Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c@%3Cpluto-dev.portals.apache.org%3E"
            },
            {
              "name": "[portals-pluto-dev] 20210714 [jira] [Created] (PLUTO-791) Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a@%3Cpluto-dev.portals.apache.org%3E"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20220210-0024/",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20220210-0024/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.7
        }
      },
      "lastModifiedDate": "2022-09-12T13:51Z",
      "publishedDate": "2019-11-08T15:15Z"
    }
  }
}

GHSA-M8P2-495H-CCMH

Vulnerability from github – Published: 2020-01-08 17:01 – Updated: 2025-09-12 20:10

Summary

The SafeHtml annotation in Hibernate-Validator does not properly guard against XSS attacks

Details

Severity ?

6.5 (Medium)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.hibernate.validator:hibernate-validator"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.1.0.Alpha1"
            },
            {
              "fixed": "6.1.0.Alpha6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 6.0.17.Final"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.hibernate.validator:hibernate-validator"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0.Alpha1"
            },
            {
              "fixed": "6.0.18.Final"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.hibernate:hibernate-validator"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.1.0.Alpha1"
            },
            {
              "fixed": "6.1.0.Alpha6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 6.0.17.Final"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.hibernate:hibernate-validator"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0.Alpha1"
            },
            {
              "fixed": "6.0.18.Final"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-10219"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-01-08T17:00:14Z",
    "nvd_published_at": "2019-11-08T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.",
  "id": "GHSA-m8p2-495h-ccmh",
  "modified": "2025-09-12T20:10:35Z",
  "published": "2020-01-08T17:01:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10219"
    },
    {
      "type": "WEB",
      "url": "https://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56cee"
    },
    {
      "type": "WEB",
      "url": "https://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56ceee"
    },
    {
      "type": "WEB",
      "url": "https://github.com/hibernate/hibernate-validator/commit/20d729548511ac5cff6fd459f93de137195420fe"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20220210-0024"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a@%3Cpluto-dev.portals.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a%40%3Cpluto-dev.portals.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c@%3Cpluto-dev.portals.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c%40%3Cpluto-dev.portals.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4@%3Cpluto-scm.portals.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4%40%3Cpluto-scm.portals.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf@%3Cnotifications.accumulo.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf%40%3Cnotifications.accumulo.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba09114897d@%3Cnotifications.accumulo.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba09114897d%40%3Cnotifications.accumulo.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6@%3Cnotifications.accumulo.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6%40%3Cnotifications.accumulo.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Origin/CVE-2019-10219/exploit"
    },
    {
      "type": "WEB",
      "url": "https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Adapted/CVE-2019-10219"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/hibernate/hibernate-validator"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0445"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0164"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0161"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0160"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0159"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "The SafeHtml annotation in Hibernate-Validator does not properly guard against XSS attacks"
}

CVE-2019-10219

Vulnerability from fstec - Published: 27.03.2019

Title

Уязвимость валидатора SafeHtml библиотеки Hibernate Validator, позволяющая нарушителю проводить межсайтовые сценарные атаки

Description

Уязвимость валидатора SafeHtml библиотеки Hibernate Validator связана с непринятием мер по защите структуры веб-страницы при обработке HTML-содержимого. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, проводить межсайтовые сценарные атаки

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Vendor

Oracle Corp., Сообщество свободного программного обеспечения, Red Hat Inc., ООО «Ред Софт», АО «ИВК», Hibernate

Software Name

WebLogic Server, Debian GNU/Linux, JBoss Enterprise Application Platform, РЕД ОС (запись в едином реестре российских программ №3751), Альт 8 СП (запись в едином реестре российских программ №4305), Hibernate Validator, Red Hat Satellite, Red Hat Data Grid, Red Hat Fuse

Software Version

12.2.1.3.0 (WebLogic Server), 10 (Debian GNU/Linux), 7.2 (JBoss Enterprise Application Platform), 12.2.1.4.0 (WebLogic Server), 7.2 for RHEL 6 (JBoss Enterprise Application Platform), 7.2 for RHEL 7 (JBoss Enterprise Application Platform), 7.2 for RHEL 8 (JBoss Enterprise Application Platform), 14.1.1.0.0 (WebLogic Server), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (РЕД ОС), - (Альт 8 СП), до 6.0.18 (Hibernate Validator), от 6.1.0 alpha1 до 6.1.0 alpha6 включительно (Hibernate Validator), 6.8 for RHEL 7 (Red Hat Satellite), 13 (Debian GNU/Linux), 7.3.6 (Red Hat Data Grid), 7.8.0 (Red Hat Fuse)

Possible Mitigations

В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года. Использование рекомендаций: Для Hibernate Validator: https://github.com/apache/accumulo/pull/1469 https://github.com/hibernate/hibernate-validator/tags?after=6.1.1.Final https://hibernate.org/validator/releases/ Для Альт 8 СП: https://altsp.su/obnovleniya-bezopasnosti/ Для Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2019-10219 Для программных продуктов Red Hat Inc.: https://access.redhat.com/security/cve/CVE-2019-10219 Для программных продуктов Oracle Corp.: https://www.oracle.com/security-alerts/cpujan2022.html Для Ред ОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/

Reference

https://security-tracker.debian.org/tracker/CVE-2019-10219 https://access.redhat.com/security/cve/CVE-2019-10219 https://vuldb.com/ru/?id.145250 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219 https://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6@%3Cnotifications.accumulo.apache.org%3E https://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba09114897d@%3Cnotifications.accumulo.apache.org%3E https://lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf@%3Cnotifications.accumulo.apache.org%3E https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4@%3Cpluto-scm.portals.apache.org%3E https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a@%3Cpluto-dev.portals.apache.org%3E https://security.netapp.com/advisory/ntap-20220210-0024/ https://www.oracle.com/security-alerts/cpujan2022.html http://repo.red-soft.ru/redos/7.3c/x86_64/updates/

CWE

CWE-79

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Oracle Corp., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Red Hat Inc., \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, Hibernate",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "12.2.1.3.0 (WebLogic Server), 10 (Debian GNU/Linux), 7.2 (JBoss Enterprise Application Platform), 12.2.1.4.0 (WebLogic Server), 7.2 for RHEL 6 (JBoss Enterprise Application Platform), 7.2 for RHEL 7 (JBoss Enterprise Application Platform), 7.2 for RHEL 8 (JBoss Enterprise Application Platform), 14.1.1.0.0 (WebLogic Server), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (\u0420\u0415\u0414 \u041e\u0421), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), \u0434\u043e 6.0.18 (Hibernate Validator), \u043e\u0442 6.1.0 alpha1 \u0434\u043e 6.1.0 alpha6 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Hibernate Validator), 6.8 for RHEL 7 (Red Hat Satellite), 13 (Debian GNU/Linux), 7.3.6 (Red Hat Data Grid), 7.8.0 (Red Hat Fuse)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\n\u0414\u043b\u044f Hibernate Validator:\nhttps://github.com/apache/accumulo/pull/1469\nhttps://github.com/hibernate/hibernate-validator/tags?after=6.1.1.Final\nhttps://hibernate.org/validator/releases/\n\n\u0414\u043b\u044f \u0410\u043b\u044c\u0442 8 \u0421\u041f:\nhttps://altsp.su/obnovleniya-bezopasnosti/\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2019-10219\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/CVE-2019-10219\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Oracle Corp.:\nhttps://www.oracle.com/security-alerts/cpujan2022.html\n\n\u0414\u043b\u044f \u0420\u0435\u0434 \u041e\u0421: \nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "27.03.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "10.09.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "11.09.2023",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-05424",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-10219",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "WebLogic Server, Debian GNU/Linux, JBoss Enterprise Application Platform, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), Hibernate Validator, Red Hat Satellite, Red Hat Data Grid, Red Hat Fuse",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f -  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 13 ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0430\u043b\u0438\u0434\u0430\u0442\u043e\u0440\u0430 SafeHtml \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 Hibernate Validator, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u044b\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435 \u043c\u0435\u0440 \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0432\u0435\u0431-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b (\u0438\u043b\u0438 \\\u00ab\u041c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u0430\u044f \u0441\u0446\u0435\u043d\u0430\u0440\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430\\\u00bb) (CWE-79)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0430\u043b\u0438\u0434\u0430\u0442\u043e\u0440\u0430 SafeHtml \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 Hibernate Validator \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435\u043c \u043c\u0435\u0440 \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0432\u0435\u0431-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 HTML-\u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0433\u043e. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u044b\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u043d\u044a\u0435\u043a\u0446\u0438\u044f",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://security-tracker.debian.org/tracker/CVE-2019-10219\nhttps://access.redhat.com/security/cve/CVE-2019-10219\nhttps://vuldb.com/ru/?id.145250\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219 \nhttps://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6@%3Cnotifications.accumulo.apache.org%3E \nhttps://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba09114897d@%3Cnotifications.accumulo.apache.org%3E \nhttps://lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf@%3Cnotifications.accumulo.apache.org%3E \nhttps://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4@%3Cpluto-scm.portals.apache.org%3E \nhttps://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c@%3Cpluto-dev.portals.apache.org%3E\nhttps://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a@%3Cpluto-dev.portals.apache.org%3E \nhttps://security.netapp.com/advisory/ntap-20220210-0024/ \nhttps://www.oracle.com/security-alerts/cpujan2022.html\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-79",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,4)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,5)"
}

FKIE_CVE-2019-10219

Vulnerability from fkie_nvd - Published: 2019-11-08 15:15 - Updated: 2025-07-07 14:15

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

References

URL	Tags
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2020:0159	Third Party Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2020:0160	Third Party Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2020:0161	Third Party Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2020:0164	Third Party Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2020:0445	Third Party Advisory
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219	Issue Tracking, Third Party Advisory
secalert@redhat.com	https://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56cee
secalert@redhat.com	https://github.com/hibernate/hibernate-validator/commit/20d729548511ac5cff6fd459f93de137195420fe
secalert@redhat.com	https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Adapted/CVE-2019-10219
secalert@redhat.com	https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Origin/CVE-2019-10219/exploit
secalert@redhat.com	https://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6%40%3Cnotifications.accumulo.apache.org%3E
secalert@redhat.com	https://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba09114897d%40%3Cnotifications.accumulo.apache.org%3E
secalert@redhat.com	https://lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf%40%3Cnotifications.accumulo.apache.org%3E
secalert@redhat.com	https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4%40%3Cpluto-scm.portals.apache.org%3E
secalert@redhat.com	https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c%40%3Cpluto-dev.portals.apache.org%3E
secalert@redhat.com	https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a%40%3Cpluto-dev.portals.apache.org%3E
secalert@redhat.com	https://security.netapp.com/advisory/ntap-20220210-0024/	Third Party Advisory
secalert@redhat.com	https://www.oracle.com/security-alerts/cpujan2022.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2020:0159	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2020:0160	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2020:0161	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2020:0164	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2020:0445	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219	Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56ceee
af854a3a-2127-422b-91ae-364da2661108	https://github.com/hibernate/hibernate-validator/commit/20d729548511ac5cff6fd459f93de137195420fe
af854a3a-2127-422b-91ae-364da2661108	https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Adapted/CVE-2019-10219
af854a3a-2127-422b-91ae-364da2661108	https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Origin/CVE-2019-10219/exploit
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6%40%3Cnotifications.accumulo.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba09114897d%40%3Cnotifications.accumulo.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf%40%3Cnotifications.accumulo.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4%40%3Cpluto-scm.portals.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c%40%3Cpluto-dev.portals.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a%40%3Cpluto-dev.portals.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20220210-0024/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpujan2022.html	Third Party Advisory

Impacted products

Vendor	Product	Version
redhat	hibernate_validator	*
redhat	hibernate_validator	6.1.0
redhat	hibernate_validator	6.1.0
redhat	hibernate_validator	6.1.0
redhat	hibernate_validator	6.1.0
redhat	hibernate_validator	6.1.0
redhat	hibernate_validator	6.1.0
redhat	fuse	1.0
redhat	jboss_data_grid	-
redhat	jboss_enterprise_application_platform	-
redhat	openshift_application_runtimes	-
redhat	single_sign-on	-
redhat	jboss_enterprise_application_platform	7.2
redhat	jboss_enterprise_application_platform	7.3
redhat	enterprise_linux	6.0
netapp	active_iq_unified_manager	-
netapp	active_iq_unified_manager	-
netapp	active_iq_unified_manager	-
netapp	management_services_for_element_software_and_netapp_hci	-
netapp	snapcenter_plug-in	-
netapp	element	-
oracle	access_manager	11.1.2.3.0
oracle	access_manager	12.2.1.3.0
oracle	access_manager	12.2.1.4.0
oracle	agile_engineering_data_management	6.2.1.0
oracle	agile_plm	9.3.3
oracle	agile_plm	9.3.6
oracle	agile_product_lifecycle_analytics	3.6.1
oracle	agile_product_lifecycle_management_integration_pack	3.6
oracle	airlines_data_model	12.1.1.0.0
oracle	airlines_data_model	12.2.0.1.0
oracle	application_express	21.1.4
oracle	application_performance_management	13.4.1.0
oracle	application_performance_management	13.5.1.0
oracle	application_testing_suite	13.3.0.1
oracle	argus_analytics	8.2.1
oracle	argus_analytics	8.2.2
oracle	argus_analytics	8.2.3
oracle	argus_analytics	8.21
oracle	argus_insight	8.2.1
oracle	argus_insight	8.2.2
oracle	argus_insight	8.2.3
oracle	argus_safety	8.2.1
oracle	argus_safety	8.2.2
oracle	argus_safety	8.2.3
oracle	banking_apis	18.1
oracle	banking_apis	18.2
oracle	banking_apis	18.3
oracle	banking_apis	19.1
oracle	banking_apis	19.2
oracle	banking_apis	20.1
oracle	banking_apis	21.1
oracle	banking_deposits_and_lines_of_credit_servicing	2.12.0
oracle	banking_digital_experience	17.2
oracle	banking_digital_experience	18.1
oracle	banking_digital_experience	18.3
oracle	banking_digital_experience	19.1
oracle	banking_digital_experience	19.2
oracle	banking_digital_experience	20.1
oracle	banking_digital_experience	21.1
oracle	banking_enterprise_default_management	2.6.2
oracle	banking_enterprise_default_management	2.7.0
oracle	banking_enterprise_default_management	2.7.1
oracle	banking_enterprise_default_management	2.10.0
oracle	banking_enterprise_default_management	2.12.0
oracle	banking_enterprise_default_managment	*
oracle	banking_loans_servicing	2.12.0
oracle	banking_party_management	2.7.0
oracle	banking_platform	*
oracle	banking_platform	2.6.2
oracle	banking_platform	2.7.0
oracle	banking_platform	2.7.1
oracle	bi_publisher	5.5.0.0.0
oracle	bi_publisher	11.1.1.9.0
oracle	bi_publisher	12.2.1.3.0
oracle	bi_publisher	12.2.1.4.0
oracle	big_data_spatial_and_graph	23.1
oracle	business_activity_monitoring	12.2.1.4.0
oracle	business_intelligence	5.5.0.0.0
oracle	business_intelligence	5.9.0.0.0
oracle	business_intelligence	12.2.1.3.0
oracle	business_intelligence	12.2.1.4.0
oracle	business_process_management_suite	12.2.1.3.0
oracle	business_process_management_suite	12.2.1.4.0
oracle	clinical	5.2.1
oracle	clinical	5.2.2
oracle	commerce_guided_search	11.3.2
oracle	commerce_platform	*
oracle	communications_application_session_controller	3.9.0
oracle	communications_billing_and_revenue_management	12.0.0.3
oracle	communications_billing_and_revenue_management	12.0.0.4
oracle	communications_billing_and_revenue_management_elastic_charging_engine	11.3
oracle	communications_billing_and_revenue_management_elastic_charging_engine	12.0
oracle	communications_calendar_server	8.0.0.5.0
oracle	communications_calendar_server	8.0.0.6.0
oracle	communications_cloud_native_core_automated_test_suite	1.8.0
oracle	communications_cloud_native_core_binding_support_function	1.9.0
oracle	communications_cloud_native_core_binding_support_function	1.10.0
oracle	communications_cloud_native_core_console	1.7.0
oracle	communications_cloud_native_core_network_function_cloud_native_environment	1.9.0
oracle	communications_cloud_native_core_network_repository_function	1.14.0
oracle	communications_cloud_native_core_policy	1.14.0
oracle	communications_cloud_native_core_security_edge_protection_proxy	1.5.0
oracle	communications_cloud_native_core_security_edge_protection_proxy	1.6.0
oracle	communications_cloud_native_core_security_edge_protection_proxy	1.15.0
oracle	communications_cloud_native_core_service_communication_proxy	1.14.0
oracle	communications_cloud_native_core_unified_data_repository	1.14.0
oracle	communications_contacts_server	8.0.0.3.0
oracle	communications_converged_application_server_-_service_controller	6.2
oracle	communications_convergence	3.0.2.2.0
oracle	communications_convergent_charging_controller	*
oracle	communications_convergent_charging_controller	6.0.1.0.0
oracle	communications_data_model	11.3.2.1.0
oracle	communications_data_model	11.3.2.2.0
oracle	communications_data_model	11.3.2.3.0
oracle	communications_data_model	12.1.0.1.0
oracle	communications_data_model	12.1.2.0.0
oracle	communications_design_studio	7.3.4
oracle	communications_design_studio	7.3.5
oracle	communications_design_studio	7.4.0
oracle	communications_design_studio	7.4.1
oracle	communications_design_studio	7.4.2
oracle	communications_diameter_signaling_route	*
oracle	communications_eagle_application_processor	*
oracle	communications_instant_messaging_server	10.0.1.5.0
oracle	communications_interactive_session_recorder	6.3
oracle	communications_interactive_session_recorder	6.4
oracle	communications_messaging_server	8.1
oracle	communications_metasolv_solution	6.3.1
oracle	communications_network_charging_and_control	*
oracle	communications_network_charging_and_control	6.0.1.0.0
oracle	communications_network_integrity	7.3.5
oracle	communications_network_integrity	7.3.6
oracle	communications_offline_mediation_controller	12.0.0.3
oracle	communications_operations_monitor	3.4
oracle	communications_operations_monitor	4.2
oracle	communications_operations_monitor	4.3
oracle	communications_operations_monitor	4.4
oracle	communications_operations_monitor	5.0
oracle	communications_pricing_design_center	12.0.0.3.0
oracle	communications_pricing_design_center	12.0.0.4.0
oracle	communications_service_broker	6.2
oracle	communications_services_gatekeeper	7.0
oracle	communications_session_border_controller	8.2
oracle	communications_session_border_controller	8.3
oracle	communications_session_border_controller	8.4
oracle	communications_session_border_controller	9.0
oracle	communications_unified_inventory_management	7.3.0
oracle	communications_unified_inventory_management	7.3.4
oracle	communications_unified_inventory_management	7.3.5
oracle	communications_unified_inventory_management	7.4.0
oracle	communications_unified_inventory_management	7.4.1
oracle	communications_unified_inventory_management	7.4.2
oracle	communications_unified_inventory_management	7.5.0
oracle	communications_webrtc_session_controller	7.2.0
oracle	communications_webrtc_session_controller	7.2.1
oracle	data_integrator	12.2.1.3.0
oracle	data_integrator	12.2.1.4.0
oracle	database_server	12.1.0.1
oracle	database_server	12.1.0.2
oracle	database_server	19c
oracle	database_server	21c
oracle	demantra_demand_management	*
oracle	documaker	*
oracle	e-business_suite	*
oracle	enterprise_communications_broker	3.3
oracle	enterprise_data_quality	12.2.1.3.0
oracle	enterprise_data_quality	12.2.1.4.0
oracle	enterprise_manager_base_platform	13.4.0.0
oracle	enterprise_manager_base_platform	13.5.0.0
oracle	enterprise_manager_ops_center	12.4.0.0
oracle	enterprise_session_border_controller	8.4
oracle	enterprise_session_border_controller	9.0
oracle	essbase	*
oracle	essbase	*
oracle	essbase	11.1.2.4.47
oracle	essbase_administration_services	*
oracle	essbase_administration_services	11.1.2.4.47
oracle	financial_services_analytical_applications_infrastructure	*
oracle	financial_services_analytical_applications_infrastructure	7.3.3
oracle	financial_services_behavior_detection_platform	8.0.7
oracle	financial_services_behavior_detection_platform	8.0.8
oracle	financial_services_behavior_detection_platform	8.0.11
oracle	financial_services_enterprise_case_management	8.0.7
oracle	financial_services_enterprise_case_management	8.0.8
oracle	financial_services_enterprise_case_management	8.0.11
oracle	financial_services_foreign_account_tax_compliance_act_management	8.0.7
oracle	financial_services_foreign_account_tax_compliance_act_management	8.0.8
oracle	financial_services_foreign_account_tax_compliance_act_management	8.0.11
oracle	financial_services_model_management_and_governance	*
oracle	financial_services_trade-based_anti_money_laundering	8.0.7
oracle	financial_services_trade-based_anti_money_laundering	8.0.8
oracle	flexcube_investor_servicing	12.0.4
oracle	flexcube_investor_servicing	12.1.0
oracle	flexcube_investor_servicing	12.3.0
oracle	flexcube_investor_servicing	12.4.0
oracle	flexcube_investor_servicing	14.4.0
oracle	flexcube_investor_servicing	14.5.0
oracle	flexcube_private_banking	12.0.0
oracle	flexcube_private_banking	12.1.0
oracle	fusion_middleware	12.2.1.3.0
oracle	fusion_middleware	12.2.1.4.0
oracle	fusion_middleware_mapviewer	12.2.1.4.0
oracle	goldengate	*
oracle	goldengate	*
oracle	goldengate	*
oracle	goldengate_application_adapters	19.1.0.0.0
oracle	graalvm	20.3.4
oracle	graalvm	21.3.0
oracle	graph_server_and_client	*
oracle	health_sciences_clinical_development_analytics	4.0.1
oracle	health_sciences_inform_crf_submit	6.2.1
oracle	health_sciences_information_manager	3.0.2
oracle	health_sciences_information_manager	3.0.3
oracle	healthcare_data_repository	7.0.2
oracle	healthcare_data_repository	8.1.0
oracle	healthcare_data_repository	8.1.1
oracle	healthcare_foundation	*
oracle	healthcare_foundation	*
oracle	healthcare_foundation	8.1.0
oracle	healthcare_foundation	8.1.1
oracle	healthcare_translational_research	4.1.0
oracle	hospitality_cruise_shipboard_property_management_system	20.1.0
oracle	hospitality_opera_5_property_services	5.6
oracle	hospitality_reporting_and_analytics	9.1.0
oracle	hospitality_suite8	8.10.2
oracle	hospitality_suite8	8.11.0
oracle	hospitality_suite8	8.12.0
oracle	hospitality_suite8	8.13.0
oracle	hospitality_suite8	8.14.0
oracle	http_server	12.2.1.3.0
oracle	http_server	12.2.1.4.0
oracle	hyperion_financial_management	11.1.2.4
oracle	hyperion_financial_management	11.2.6.0
oracle	hyperion_ilearning	6.2
oracle	hyperion_ilearning	6.3
oracle	hyperion_infrastructure_technology	11.2.7.0
oracle	instantis_enterprisetrack	17.1
oracle	instantis_enterprisetrack	17.2
oracle	instantis_enterprisetrack	17.3
oracle	insurance_data_gateway	11.0.2
oracle	insurance_data_gateway	11.1.0
oracle	insurance_data_gateway	11.2.7
oracle	insurance_data_gateway	11.3.0
oracle	insurance_data_gateway	11.3.1
oracle	insurance_insbridge_rating_and_underwriting	*
oracle	insurance_insbridge_rating_and_underwriting	5.2.0
oracle	insurance_policy_administration	11.0.2
oracle	insurance_policy_administration	11.1.0
oracle	insurance_policy_administration	11.2.7
oracle	insurance_policy_administration	11.3.0
oracle	insurance_policy_administration	11.3.1
oracle	insurance_policy_administration_j2ee	*
oracle	insurance_policy_administration_j2ee	10.2.0
oracle	insurance_policy_administration_j2ee	10.2.4
oracle	insurance_policy_administration_j2ee	11.0.2
oracle	insurance_rules_palette	*
oracle	insurance_rules_palette	10.2.0
oracle	insurance_rules_palette	10.2.4
oracle	insurance_rules_palette	11.0.2
oracle	insurance_rules_palette	11.3.1
oracle	java_se	7u321
oracle	java_se	8u311
oracle	java_se	17.1
oracle	jd_edwards_enterpriseone_orchestrator	*
oracle	jdk	11.0.13
oracle	managed_file_transfer	12.2.1.3.0
oracle	managed_file_transfer	12.2.1.4.0
oracle	mysql_cluster	*
oracle	mysql_cluster	*
oracle	mysql_cluster	*
oracle	mysql_cluster	*
oracle	mysql_connectors	*
oracle	mysql_connectors	8.0.27
oracle	mysql_server	*
oracle	mysql_server	*
oracle	mysql_server	5.7.36
oracle	mysql_workbench	*
oracle	nosql_database	*
oracle	oss_support_tools	*
oracle	peoplesoft_enterprise_cs_sa_integration_pack	9.0
oracle	peoplesoft_enterprise_cs_sa_integration_pack	9.2
oracle	peoplesoft_enterprise_people_tools	8.57
oracle	peoplesoft_enterprise_people_tools	8.58
oracle	peoplesoft_enterprise_people_tools	8.59
oracle	peoplesoft_enterprise_peopletools	8.57
oracle	peoplesoft_enterprise_peopletools	8.58
oracle	policy_automation	*
oracle	policy_automation	10.4.7
oracle	primavera_analytics	18.8.3.3
oracle	primavera_analytics	19.12.11.1
oracle	primavera_analytics	20.12.12.0
oracle	primavera_data_warehouse	18.8.3.3
oracle	primavera_data_warehouse	19.12.11.1
oracle	primavera_data_warehouse	20.12.12.0
oracle	primavera_gateway	*
oracle	primavera_gateway	*
oracle	primavera_gateway	*
oracle	primavera_gateway	*
oracle	primavera_gateway	21.12.0
oracle	primavera_p6_enterprise_project_portfolio_management	*
oracle	primavera_p6_enterprise_project_portfolio_management	*
oracle	primavera_p6_enterprise_project_portfolio_management	*
oracle	primavera_p6_enterprise_project_portfolio_management	*
oracle	primavera_p6_enterprise_project_portfolio_management	21.12.0.0
oracle	primavera_p6_professional_project_management	*
oracle	primavera_p6_professional_project_management	*
oracle	primavera_p6_professional_project_management	*
oracle	primavera_p6_professional_project_management	*
oracle	primavera_portfolio_management	*
oracle	primavera_portfolio_management	*
oracle	primavera_portfolio_management	20.0.0.0
oracle	primavera_portfolio_management	20.0.0.1
oracle	primavera_unifier	*
oracle	primavera_unifier	18.8
oracle	primavera_unifier	19.12
oracle	primavera_unifier	20.12
oracle	primavera_unifier	21.12
oracle	rapid_planning	*
oracle	real-time_decision_server	3.2.0.0
oracle	real_user_experience_insight	13.4.1.0
oracle	real_user_experience_insight	13.5.1.0
oracle	rest_data_services	21.2.4
oracle	retail_allocation	14.1.3.2
oracle	retail_allocation	15.0.3.1
oracle	retail_allocation	16.0.3
oracle	retail_allocation	19.0.1
oracle	retail_analytics	*
oracle	retail_assortment_planning	16.0.3
oracle	retail_back_office	14.1
oracle	retail_central_office	14.1
oracle	retail_customer_insights	*
oracle	retail_customer_management_and_segmentation_foundation	*
oracle	retail_eftlink	16.0.3
oracle	retail_eftlink	17.0.2
oracle	retail_eftlink	18.0.1
oracle	retail_eftlink	19.0.1
oracle	retail_eftlink	20.0.1
oracle	retail_extract_transform_and_load	13.2.8
oracle	retail_financial_integration	14.1.3.2
oracle	retail_financial_integration	15.0.3.1
oracle	retail_financial_integration	16.0.3
oracle	retail_financial_integration	19.0.1
oracle	retail_fiscal_management	14.2
oracle	retail_integration_bus	*
oracle	retail_integration_bus	13.0
oracle	retail_integration_bus	14.1.3.0
oracle	retail_integration_bus	14.1.3.2
oracle	retail_integration_bus	15.0.3.1
oracle	retail_integration_bus	19.0.0
oracle	retail_integration_bus	19.0.1
oracle	retail_invoice_matching	15.0.3
oracle	retail_invoice_matching	16.0.3
oracle	retail_merchandising_system	19.0.1
oracle	retail_order_broker	16.0
oracle	retail_order_broker	18.0
oracle	retail_order_broker	19.1
oracle	retail_order_management_system	19.5
oracle	retail_point-of-sale	14.1
oracle	retail_predictive_application_server	14.1.3
oracle	retail_predictive_application_server	14.1.3.46
oracle	retail_predictive_application_server	15.0.3
oracle	retail_predictive_application_server	15.0.3.115
oracle	retail_predictive_application_server	16.0.3
oracle	retail_predictive_application_server	16.0.3.240
oracle	retail_price_management	13.2
oracle	retail_price_management	14.0.4
oracle	retail_price_management	14.1
oracle	retail_price_management	14.1.3
oracle	retail_price_management	15.0
oracle	retail_price_management	15.0.3
oracle	retail_price_management	16.0
oracle	retail_price_management	16.0.3
oracle	retail_returns_management	14.1
oracle	retail_service_backbone	*
oracle	retail_service_backbone	14.1.3.0
oracle	retail_service_backbone	14.1.3.2
oracle	retail_service_backbone	15.0.3.1
oracle	retail_service_backbone	19.0.0
oracle	retail_service_backbone	19.0.1
oracle	retail_size_profile_optimization	16.0.3
oracle	retail_xstore_point_of_service	17.0.4
oracle	retail_xstore_point_of_service	18.0.3
oracle	retail_xstore_point_of_service	19.0.2
oracle	retail_xstore_point_of_service	20.0.1
oracle	sd-wan_aware	8.2
oracle	sd-wan_edge	9.0
oracle	sd-wan_edge	9.1
oracle	secure_backup	18.1.0.1.0
oracle	siebel_applications	*
oracle	spatial_studio	21.2.1
oracle	thesaurus_management_system	5.2.3
oracle	thesaurus_management_system	5.3.0
oracle	thesaurus_management_system	5.3.1
oracle	timesten_in-memory_database	*
oracle	timesten_in-memory_database	*
oracle	utilities_framework	*
oracle	utilities_framework	4.2.0.2.0
oracle	utilities_framework	4.2.0.3.0
oracle	utilities_framework	4.4.0.0.0
oracle	utilities_framework	4.4.0.2.0
oracle	utilities_framework	4.4.0.3.0
oracle	utilities_testing_accelerator	6.0.0.1.1
oracle	utilities_testing_accelerator	6.0.0.2.2
oracle	utilities_testing_accelerator	6.0.0.3.1
oracle	vm_virtualbox	*
oracle	webcenter_portal	12.2.1.3.0
oracle	webcenter_portal	12.2.1.4.0
oracle	weblogic_server	12.1.3.0.0
oracle	weblogic_server	12.2.1.3.0
oracle	weblogic_server	12.2.1.4.0
oracle	weblogic_server	14.1.1.0.0
oracle	zfs_storage_appliance_kit	8.8
oracle	zfs_storage_application_integration_engineering_software	1.3.3
oracle	communications_messaging_server	8.1
oracle	solaris	10
oracle	solaris	11
oracle	fujitsu_m10-1_firmware	-
oracle	fujitsu_m10-1	-
oracle	fujitsu_m10-4_firmware	-
oracle	fujitsu_m10-4	-
oracle	fujitsu_m10-4s_firmware	-
oracle	fujitsu_m10-4s	-
oracle	fujitsu_m12-1_firmware	-
oracle	fujitsu_m12-1	-
oracle	fujitsu_m12-2_firmware	-
oracle	fujitsu_m12-2	-
oracle	fujitsu_m12-2s_firmware	-
oracle	fujitsu_m12-2s	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:hibernate_validator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "552F082C-38E5-49A9-A451-71B6ECAF21B2",
              "versionEndExcluding": "6.0.18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:hibernate_validator:6.1.0:alpha1:*:*:*:*:*:*",
              "matchCriteriaId": "A82A1C19-F8AE-4DA9-891D-247F07D57605",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:hibernate_validator:6.1.0:alpha2:*:*:*:*:*:*",
              "matchCriteriaId": "E38B943A-B167-4EAD-9308-47FF525BE57A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:hibernate_validator:6.1.0:alpha3:*:*:*:*:*:*",
              "matchCriteriaId": "6766965C-2991-4559-975B-9E864DF8F10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:hibernate_validator:6.1.0:alpha4:*:*:*:*:*:*",
              "matchCriteriaId": "E6CD7403-23C7-488F-84EC-1F0C675E87D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:hibernate_validator:6.1.0:alpha5:*:*:*:*:*:*",
              "matchCriteriaId": "A0033893-4CA9-41F4-8FF0-3BE20F5BE1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:hibernate_validator:6.1.0:alpha6:*:*:*:*:*:*",
              "matchCriteriaId": "EEB7C69E-FA13-43AB-89AD-FE1E4687E02A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:fuse:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "077732DB-F5F3-4E9C-9AC0-8142AB85B32F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:jboss_data_grid:-:*:*:*:text-only:*:*:*",
              "matchCriteriaId": "2BF03A52-4068-47EA-8846-1E5FB708CE1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:-:*:*:*:text-only:*:*:*",
              "matchCriteriaId": "B8423D7F-3A8F-4AD8-BF51-245C9D8DD816",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:text-only:*:*:*",
              "matchCriteriaId": "ADB40F59-CAAE-47D6-850C-12619D8D5B34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*",
              "matchCriteriaId": "341E6313-20D5-44CB-9719-B20585DC5AD6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C3AA5CE-9ACB-4E96-A4C1-50A662D641FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4911A72-5FAE-47C5-A141-2E3CA8E1CCAB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*",
              "matchCriteriaId": "F3E0B672-3E06-4422-B2A4-0BD073AEC2A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
              "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*",
              "matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDAC85F0-93AF-4BE3-AE1A-8ADAF1CDF9AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:snapcenter_plug-in:-:*:*:*:*:vmware_vsphere:*:*",
              "matchCriteriaId": "DC01D8F3-291A-44E5-99C1-6771F6656E0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netapp:element:-:*:*:*:*:vcenter_server:*:*",
              "matchCriteriaId": "5E1DE4F5-9094-4C73-AA1B-5C902F38DD24",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:access_manager:11.1.2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DEAFEDC-2D0F-4A5F-99A0-BD41DD6DC017",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:access_manager:12.2.1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A287FA5D-D7D9-40B4-8DB2-1D7CE1808408",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:access_manager:12.2.1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EB3430-0FF2-4668-BB20-A5611ACC73F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:agile_engineering_data_management:6.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80C9DBB8-3D50-4D5D-859A-B022EB7C2E64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:agile_plm:9.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D14ABF04-E460-4911-9C6C-B7BCEFE68E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C650FEDB-E903-4C2D-AD40-282AB5F2E3C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:agile_product_lifecycle_analytics:3.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "432BFCF5-A5DC-487C-A111-DE70AB3FCDAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:agile_product_lifecycle_management_integration_pack:3.6:*:*:*:*:e-business_suite:*:*",
              "matchCriteriaId": "5B62CB3B-FDDF-4AFF-A47E-6ADE6504D451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:airlines_data_model:12.1.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "06480458-3216-4C42-9270-F68A41EEC147",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:airlines_data_model:12.2.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "480BF1CB-11D7-4D86-A99E-960F316F2E1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:application_express:21.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB124AD9-8000-449B-8219-0FF011F86B03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:application_performance_management:13.4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F84E5662-0289-4ED5-A112-BC506508216C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:application_performance_management:13.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD312681-73A4-4B21-BDE8-50DED7E3E0CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A125E817-F974-4509-872C-B71933F42AD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:argus_analytics:8.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC3D0C4E-0B40-4ACF-BD9E-104CC1D77521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:argus_analytics:8.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E67940FD-3BA7-40A8-8E40-44B37D23E2DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:argus_analytics:8.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE6EB4DE-33DA-4810-96BD-29C82B433714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:argus_analytics:8.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C446826-EF5B-4937-ADB4-1102F9F39304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:argus_insight:8.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7FCB446-49A7-48B9-8808-E72A4E2E48C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:argus_insight:8.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E9B2F53-257E-49E2-83C3-0840BDB4D67C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:argus_insight:8.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CF34B1B-0FC0-4EA6-830D-D2191337D451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:argus_safety:8.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09B79608-5D94-45C3-ADF0-B181B92C3014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:argus_safety:8.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F05D844-38BD-4EEB-AF91-E5ED18B1E7E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:argus_safety:8.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "25193811-46CE-4A0E-B22D-67BE99FAD450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_apis:18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "869D51B3-FB50-4BD6-8A0C-D0984267525F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_apis:18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08B8F413-2000-493B-82B1-BEFE343BB8C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_apis:18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "042269E6-D3B4-4867-86FA-9301FACA9FF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_apis:19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF34B11F-3DE1-4C22-8EB1-AEE5CE5E4172",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_apis:19.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "86F03B63-F922-45CD-A7D1-326DB0042875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_apis:20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CBFC93F-8B39-45A2-981C-59B187169BD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_apis:21.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0843465C-F940-4FFC-998D-9A2668B75EA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_deposits_and_lines_of_credit_servicing:2.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F834ACC-D65B-4CA3-91F1-415CBC6077E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_digital_experience:17.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "560F20E6-AEA1-4CE5-A393-C9B2CF334C5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBE7BF09-B89C-4590-821E-6C0587E096B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7231D2D-4092-44F3-B60A-D7C9ED78AFDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7BDFC10-45A0-46D8-AB92-4A5E2C1C76ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "18127694-109C-4E7E-AE79-0BA351849291",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "33F68878-BC19-4DB8-8A72-BD9FE3D0ACEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_digital_experience:21.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6895A6-511A-4DC6-9F9B-58E05B86BDB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_enterprise_default_management:2.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E60C0966-BF0D-4D18-B09B-5D0BB96DBFF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0FCD3BC-33D8-49D1-844B-6B9DE0CA4997",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "473749BD-267E-480F-8E7F-C762702DB66E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_enterprise_default_management:2.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "74C7E2F1-17FC-4322-A5C3-F7EB612BA4F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_enterprise_default_management:2.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "320D36DA-D99F-4149-B582-3F4AB2F41A1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_enterprise_default_managment:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "05E4EB25-7B7A-4A10-A535-8C7CA4D6FEB6",
              "versionEndIncluding": "2.4.0",
              "versionStartIncluding": "2.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_loans_servicing:2.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E502A46-BAF4-4558-BC8F-9F014A2FB26A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_party_management:2.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C542DC5E-6657-4178-9C69-46FD3C187D56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D0F559E-0790-461B-ACED-5B00F4D40893",
              "versionEndIncluding": "2.4.1",
              "versionStartIncluding": "2.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "132CE62A-FBFC-4001-81EC-35D81F73AF48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_platform:2.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "282150FF-C945-4A3E-8A80-E8757A8907EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "645AA3D1-C8B5-4CD2-8ACE-31541FA267F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:bi_publisher:5.5.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CD806C1-CC17-47BD-8BB0-9430C4253BC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:bi_publisher:11.1.1.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C83DA9A0-2EBC-4298-8412-1A7C4DC88C2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DC56004-4497-4CDD-AE76-5E3DFAE170F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "274A0CF5-41E8-42E0-9931-F7372A65B9C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:big_data_spatial_and_graph:23.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEF828F5-C666-40DA-98DD-CDF658D7090B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA8461A2-428C-4817-92A9-0C671545698D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:business_intelligence:5.5.0.0.0:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "D40AD626-B23A-44A3-A6C0-1FFB4D647AE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "B602F9E8-1580-436C-A26D-6E6F8121A583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "77C3DD16-1D81-40E1-B312-50FBD275507C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "81DAC8C0-D342-44B5-9432-6B88D389584F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E869C417-C0E6-4FC3-B406-45598A1D1906",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFEFE2C0-7B98-44F9-B3AD-D6EC607E90DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:clinical:5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B2CEA84-0983-4C40-B923-99244ABCF32D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:clinical:5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FD798A8-38B7-42C1-9043-863D16CE7ACA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A3622F5-5976-4BBC-A147-FC8A6431EA79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:commerce_platform:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F012E976-E219-46C2-8177-60ED859594BE",
              "versionEndIncluding": "11.3.2",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_application_session_controller:3.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "787E2C1B-9BAD-4018-8495-E9BE75628BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0111372-B39F-4B3D-8136-44C2C1CFD12B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B465F237-0271-4389-8035-89C07A52350D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:11.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A9E4125-B744-4A9D-BFE6-5D82939958FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "261212BD-125A-487F-97E8-A9587935DFE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_calendar_server:8.0.0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4063FAD6-21D4-42C7-87C0-D299532E0982",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_calendar_server:8.0.0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6E8A8C3-253A-4BDD-9AD2-4445DC387B4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "98FB24DB-AF91-48D0-9CA5-C8250D183FD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "868E7C46-7E45-4CFA-8A25-7CBFED912096",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6B6FE82-7BFA-481D-99D6-789B146CA18B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC12B43F-30F6-4B05-AB3A-E91D8404D5A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D423B62-8EFE-4EFD-A986-5F5ECE5B892F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E463039-5E48-4AA0-A42B-081053FA0111",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4479F76A-4B67-41CC-98C7-C76B81050F8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAEB09CA-9352-43CD-AF66-92BE416E039C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45E5C9B0-AB25-4744-88E4-FD0C4A853001",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.15.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A442DA9E-FF9A-4C51-9D3E-68D09C8BB472",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AB059F2-FEC4-4180-8A90-39965495055E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A276784-877B-4A29-A8F1-70518A438A9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_contacts_server:8.0.0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "59275C23-53C0-4890-A941-A71226B50CFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0535B116-57D6-4448-86A2-09BCE50894B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_convergence:3.0.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DF939F5-C0E1-40A4-95A2-0CE7A03AB4EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_convergent_charging_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0172500D-DE51-44E0-91E8-C8F36617C1F8",
              "versionEndIncluding": "12.0.4.0.0",
              "versionStartIncluding": "12.0.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E99E7D49-AE53-4D16-AB24-EBEAAD084289",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_data_model:11.3.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69C215AB-25B4-47A6-AD6A-A60D2C0FF72F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_data_model:11.3.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E77E48F-1521-4C89-A5D0-A7F0A8D21AD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_data_model:11.3.2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F88A2F3-E201-4C68-8D11-0A5C76CDB071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_data_model:12.1.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBD877F8-E6EF-4314-AAC0-36F81F4908DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_data_model:12.1.2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7356B6-E197-4978-BF18-2CFD4D350A76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_design_studio:7.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "93BE4838-1144-4A6A-ABDB-F2766E64C91C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_design_studio:7.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B54457C-8305-4F82-BE1E-DBA030A8E676",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_design_studio:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C756C62B-E655-4770-8E85-B1995889E416",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_design_studio:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93F65B4C-59D5-450A-9955-7FDA32252B0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_design_studio:7.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A67AA54B-258D-4D09-9ACB-4085E0B3E585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_route:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6BD600E-F3E9-40CE-9414-1D4506ACC1D8",
              "versionEndIncluding": "8.5.1.0",
              "versionStartIncluding": "8.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "95A3E946-BBD5-4BCB-B864-FB3BF5DE56D0",
              "versionEndIncluding": "16.4",
              "versionStartIncluding": "16.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4A94B36-479F-48F2-9B9E-ACEA2589EF48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "46E23F2E-6733-45AF-9BD9-1A600BD278C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E812639B-EE28-4C68-9F6F-70C8BF981C86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1214FDF-357A-4BB9-BADE-50FB2BD16D10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "64BCB9E3-883D-4C1F-9785-2E182BA47B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "26940103-F37C-4FBD-BDFD-528A497209D6",
              "versionEndIncluding": "12.0.4.0.0",
              "versionStartIncluding": "12.0.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB9047B1-DA8C-4BFD-BE41-728BD7ECF3E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_network_integrity:7.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB92D8A7-2ABD-4B70-A32C-4B6B866C5B8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B21E6EEF-2AB7-4E96-B092-1F49D11B4175",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A23B00C1-878A-4B55-B87B-EFFFA6A5E622",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D52F557F-D0A0-43D3-85F1-F10B6EBFAEDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_operations_monitor:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F545DFC9-F331-4E1D-BACB-3D26873E5858",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBE1A019-7BB6-4226-8AC4-9D6927ADAEFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B98BAEB2-A540-4E8A-A946-C4331B913AFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8FBE260-E306-4215-80C0-D2D27CA43E0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7B49D71-6A31-497A-B6A9-06E84F086E7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A28F42F0-FBDA-4574-AD30-7A04F27FEA3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_service_broker:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6235EAE-47DD-4292-9941-6FF8D0A83843",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "062E4E7C-55BB-46F3-8B61-5A663B565891",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B9F6415-2950-49FE-9CAF-8BCA4DB6DF4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C05190B9-237F-4E2E-91EA-DB1B738864AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C416FD3-2E2F-4BBC-BD5F-F896825883F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D886339E-EDB2-4879-BD54-1800E4CA9CAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "05AD47CC-8A6D-4AEC-B23E-701D3D649CC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D299528-8EF0-49AF-9BDE-4B6C6B1DA36C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "17A91FD9-9F77-42D3-A4D9-48BC7568ADE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "539DA24F-E3E0-4455-84C6-A9D96CD601B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7637F8B-15F1-42E2-BE18-E1FF7C66587D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E43D793A-7756-4D58-A8ED-72DC4EC9CEA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EBC7EB1-FD72-4BFC-92CC-7C8B8E462D7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6814B606-D054-433C-A46E-0F6E338E1C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F05AF4B-A747-4314-95AE-F8495479AB3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9901F6BA-78D5-45B8-9409-07FF1C6DDD38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FADE563-5AAA-42FF-B43F-35B20A2386C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:database_server:12.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A7D10EB-D98F-4B80-AB9F-D8A9FC813E1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:database_server:12.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F3D40B7-925C-413D-AFF3-60BF330D5BC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:database_server:19c:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2204841-585F-40C7-A1D9-C34E612808CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:database_server:21c:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB96A21-161F-42A9-9402-FABEC9C0C15A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:demantra_demand_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "132DE874-6E47-452A-9FDD-27D5A41F046E",
              "versionEndIncluding": "12.2.11",
              "versionStartIncluding": "12.2.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:documaker:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "135D531C-A692-4BE3-AB8C-37BB0D35559A",
              "versionEndIncluding": "12.6.4",
              "versionStartIncluding": "12.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:e-business_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E6DF81E-E392-49E5-ADF4-510A3737A5CE",
              "versionEndIncluding": "12.2.11",
              "versionStartIncluding": "12.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:enterprise_communications_broker:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BE83BC6-5A6F-40A1-AAC7-314A575D8E07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "36CF85A9-2C29-46E7-961E-8ADD0B5822CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E80555C7-DA1C-472C-9467-19554DCE4476",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D26F3E23-F1A9-45E7-9E5F-0C0A24EE3783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E8758C8-87D3-450A-878B-86CE8C9FC140",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B095CC03-7077-4A58-AB25-CC5380CDCE5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7015A8CB-8FA6-423E-8307-BD903244F517",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:enterprise_session_border_controller:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9A4E206-56C7-4578-AC9C-088B0C8D9CFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:essbase:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C78A7E07-AB08-46C5-942D-B40BBE0C0D06",
              "versionEndExcluding": "11.1.2.4.47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:essbase:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3197F464-F0A5-4BD4-9068-65CD448D8F4C",
              "versionEndExcluding": "21.3",
              "versionStartIncluding": "21.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:essbase:11.1.2.4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "809FD6D6-D05D-4387-A725-F707015DEFBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:essbase_administration_services:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A093A76C-4B2C-4FAD-BFDF-09862F831102",
              "versionEndExcluding": "11.1.2.4.47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:essbase_administration_services:11.1.2.4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A1277A9-C49C-4840-A118-986C10A07657",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EA4D3C5-6A7C-4421-88EF-445A96DBCE0C",
              "versionEndIncluding": "8.1.1",
              "versionStartIncluding": "8.0.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:7.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "03B9F810-EF80-4551-BA6D-027B0B2A787D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "47B0A947-E4C8-4C04-AD3B-950E59DF7A0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AC36036-07CE-4903-8FFB-445C6908F0CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "435FDFA1-BF6A-499D-BDB6-88A26648DFD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB3F3F63-9543-4568-BCB1-1CAF88384142",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC0C4CA4-1694-474E-8272-CF96E168D962",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "93E953D0-9C0C-4B03-9939-384A1F7E2BC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_foreign_account_tax_compliance_act_management:8.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "767CC73D-2771-4BBC-9D74-4416AEC6BB2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_foreign_account_tax_compliance_act_management:8.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D33B68C6-2A4E-418C-A2BD-43A3CC5D1003",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_foreign_account_tax_compliance_act_management:8.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAE3EA23-045D-474C-ABD8-916930D4E9E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E8FD060-E9A8-499C-87B0-AF7BBED7771F",
              "versionEndIncluding": "8.1.1",
              "versionStartIncluding": "8.0.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.7:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "B57ECC6E-CC64-4DE7-B657-3BA54EDDFFF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "10BBAD37-51A1-4819-807B-2642E9D4A69C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0A34DF8-72CC-4A8E-84F2-C2DF4A0B9FAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "21BE77B2-6368-470E-B9E6-21664D9A818A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3250073F-325A-4AFC-892F-F2005E3854A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DDDC9C2-33D6-4123-9ABC-C9B809A6E88E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:flexcube_investor_servicing:14.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524429D6-8AF1-4713-A9B8-678B50A3762F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:flexcube_investor_servicing:14.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED21B958-0FD0-4697-9CE2-266DEE4E29DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6762F207-93C7-4363-B2F9-7A7C6F8AF993",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B74B912-152D-4F38-9FC1-741D6D0B27FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:fusion_middleware:12.2.1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2177A5E9-B260-499E-8D60-920679518425",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6329B1A2-75A8-4909-B4FB-77AC7232B6ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA86EF7E-6162-4244-9C88-7AF5CAB787E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE5EA810-3110-4343-9054-0FCFCD608C25",
              "versionEndExcluding": "12.3.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "78A48EA9-1CAB-4DD2-9DAD-0213F6EFC48C",
              "versionEndExcluding": "19.1.0.0.220118",
              "versionStartIncluding": "19.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71050E24-6915-4B5E-98ED-AFAA6C2FF38B",
              "versionEndExcluding": "21.5.0.0.220118",
              "versionStartIncluding": "21.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7BE0590-31BD-4FCD-B50E-A5F86196F99E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:graalvm:20.3.4:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "9F300E13-1B40-4B35-ACA5-4D402CD41055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:graalvm:21.3.0:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "B10E38A6-783C-45A2-98A1-12FA1EB3D3AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:graph_server_and_client:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "29312DB7-AFD2-459E-A166-95437ABED12C",
              "versionEndExcluding": "21.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:health_sciences_clinical_development_analytics:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E45ADE3-2A3D-4FCA-BCDF-D0CC6CE0A23C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:health_sciences_inform_crf_submit:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB8797ED-52E7-47B6-9F78-E2402671CCAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:health_sciences_information_manager:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C10FBE-FD9A-4739-9303-5B6FC7551D66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:health_sciences_information_manager:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF45C905-9EFF-4108-9B70-9FFDDD6627A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:healthcare_data_repository:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E03F5DEF-DDD7-4C8C-90EF-7E4BCDEFE34B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:healthcare_data_repository:8.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C673C4-A825-46C0-816B-103E1C058D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:healthcare_data_repository:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA92E70A-2249-4144-B0B8-35501159ADB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:healthcare_foundation:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F88FB6C5-D797-4017-A285-D3BB24B55429",
              "versionEndIncluding": "7.3.0.2",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:healthcare_foundation:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D747A956-40A6-47D8-A813-FA4E13CB557F",
              "versionEndIncluding": "8.0.2",
              "versionStartIncluding": "8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:healthcare_foundation:8.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E67501BE-206A-49FD-8CBA-22935DF917F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:healthcare_foundation:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F04B1BA-EA84-4AA3-B208-DECC33E192EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:healthcare_translational_research:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "523391D8-CB84-4EBD-B337-6A99F52E537F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:hospitality_cruise_shipboard_property_management_system:20.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "05F5B430-8BA1-4865-93B5-0DE89F424B53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:hospitality_opera_5_property_services:5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0C177E1-66B8-4AB7-A3F0-B6CCDCC28F75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:hospitality_reporting_and_analytics:9.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCBF2756-B831-4E6E-A15B-2A11DD48DB7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBDA65DE-5727-49DC-8D50-DA81DB3E8841",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:hospitality_suite8:8.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A577DCD3-6730-441A-B3BD-6199483FB1E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:hospitality_suite8:8.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "577A07A9-DBB1-49E6-B2CC-60B917097472",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:hospitality_suite8:8.13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4833DCA-FC54-4F89-B2DF-8E39C9C49DF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:hospitality_suite8:8.14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD7E9060-BA5B-4682-AC0D-EE5105AD0332",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFC79B17-E9D2-44D5-93ED-2F959E7A3D43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD04BEE5-E9A8-4584-A68C-0195CE9C402C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:hyperion_financial_management:11.1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "49706536-CE9B-4713-8460-CC961B50C341",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:hyperion_financial_management:11.2.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6F77F79-5E93-4FC2-84F2-26AF52B4C08A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:hyperion_ilearning:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "781049BF-3467-4DB5-89D4-6A76984E0261",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:hyperion_ilearning:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "058F9FC3-CA81-43BF-B083-DA8BE388E00A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:hyperion_infrastructure_technology:11.2.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52C13DE5-CA3C-414F-8813-BB0847433151",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F69B9A5-F21B-4904-9F27-95C0F7A628E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_data_gateway:11.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD4EE554-DFE7-4C16-BC98-574DC97FC85C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_data_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE4160ED-75F2-4499-AC6C-90CD092A46E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_data_gateway:11.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F03BFDA-6904-42D7-8170-D6FD143BB16C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_data_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "32EE6974-6E2E-4DE8-9F2B-8FE0FCEFECFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_data_gateway:11.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C85900AC-11DA-4FA8-A1E0-270240BF4B0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87B4051B-EB98-4D10-99D9-F15B44DBC7F0",
              "versionEndIncluding": "5.6.0",
              "versionStartIncluding": "5.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "428D2B1D-CFFD-49D1-BC05-2D85D22004DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_policy_administration:11.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F89EC4B-6D34-40F0-B7C6-C03D03F81C13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_policy_administration:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "00C9E689-ED91-4A9D-B9C0-5BF4EC131409",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_policy_administration:11.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EFA1879-0BF9-4493-9145-15100BC38C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_policy_administration:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF958C28-4289-4433-8CD9-B6551F01926F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_policy_administration:11.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "57E9FC66-F6A0-4FB0-8D92-2C9B9E3F2184",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48261B54-471D-4C03-AFF9-6F2EA8FA8EBB",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "64D4B80E-2B67-4BDC-9A3A-7BFDA171016A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "33E0F28C-1FF3-4E12-AAE4-A765F4F81EC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A570E5E-A3BC-4E19-BC44-C28D8BC9A537",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DEAB5CD-4223-4A43-AB9E-486113827A6C",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEDF91E2-E7B5-40EE-B71F-C7D59F4021BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A94F93C-5828-4D78-9C48-20AC17E72B8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3E25293-CB03-44CE-A8ED-04B3A0487A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2B51896-E4DA-4FDA-979F-481FFB3E588A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:java_se:7u321:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F0BF15F-D4D2-4A88-BA15-79B624C4AC7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:java_se:8u311:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63E2911-7DA8-41AC-AB7A-1AA29076F69F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:java_se:17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "674AFFA3-E9BA-4AFD-9A73-2A4A9DE427E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D65139-BB80-4713-8E59-6CA1116DCC1D",
              "versionEndExcluding": "9.2.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:11.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7F43D86-B696-41E4-A288-6A2D43A1774A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:managed_file_transfer:12.2.1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E3E923-E2AD-400D-A618-26ADF7F841A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AB58D27-37F2-4A32-B786-3490024290A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC7290F2-AF21-49B9-B3EF-869B7DE1A2AC",
              "versionEndExcluding": "7.4.34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00D3ECDE-287B-4336-898A-0DFEBE2AB6C3",
              "versionEndExcluding": "7.5.24",
              "versionStartIncluding": "7.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "105CBFD5-20DF-4BF0-9629-B87AF404E33D",
              "versionEndExcluding": "7.6.20",
              "versionStartIncluding": "7.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E248F8CE-5B39-457D-A47E-620858340840",
              "versionEndExcluding": "8.0.27",
              "versionStartIncluding": "8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CD3AAAD-5F6E-4A3C-9CFC-EC4866628ABD",
              "versionEndExcluding": "8.0.27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_connectors:8.0.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E1912FB-8ABF-4640-92E7-367A4923267C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C9E5736-6015-499E-A452-227DCFB87DA7",
              "versionEndExcluding": "5.7.36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2B0D740-75B1-4953-A99F-965F999FDC64",
              "versionEndExcluding": "8.0.27",
              "versionStartIncluding": "8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_server:5.7.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3F3390B-4081-473F-A5E0-B5E3A3888F04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C56CECB-6B97-406C-8761-8B7F74CA7DEF",
              "versionEndExcluding": "8.0.27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7167D144-C4AE-487F-B59A-888E10EA59DF",
              "versionEndExcluding": "21.1.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:oss_support_tools:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71CB79ED-A93E-4CBD-BCDD-82C5A00B373B",
              "versionEndExcluding": "2.12.42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_cs_sa_integration_pack:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4859861-C2EC-489F-A3B7-ACF85C709C24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_cs_sa_integration_pack:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "247C0D05-C76B-44BC-8750-C716FF980D70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_people_tools:8.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2CB2872-747C-47AC-8463-DD759BF105B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_people_tools:8.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DBC53C9-75EC-46F7-907D-63BB74864CD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_people_tools:8.59:*:*:*:*:*:*:*",
              "matchCriteriaId": "D370F2E3-EF8A-440C-8319-D52FA3431428",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E1E416B-920B-49A0-9523-382898C2979D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F47057A9-2DDE-4178-B140-F7D70EAED8F6",
              "versionEndIncluding": "12.2.24",
              "versionStartIncluding": "12.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D8B3B57-73D6-4402-987F-8AE723D52F94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_analytics:18.8.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA9948AB-0CA6-4148-949C-E500466B45F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_analytics:19.12.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "56D17905-5E69-4BD5-973B-30662AC3D678",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_analytics:20.12.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70E72A74-F6A9-48EE-9279-3D9E53C2EC30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_data_warehouse:18.8.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F14C6AB5-CC45-4753-A60F-1F527B063127",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_data_warehouse:19.12.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "583BBDF1-DBE4-486D-ABF8-7D2B0408490A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_data_warehouse:20.12.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9810151-6F80-48FD-A51E-F063EB2B7324",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B1C88FD-C2EC-4C96-AC7E-6F95C8763B48",
              "versionEndIncluding": "17.12.11",
              "versionStartIncluding": "17.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A621A5AE-6974-4BA5-B1AC-7130A46F68F5",
              "versionEndIncluding": "18.8.13",
              "versionStartIncluding": "18.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4096281D-2EBA-490D-8180-3C9D05EB890A",
              "versionEndIncluding": "19.12.12",
              "versionStartIncluding": "19.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6B70E72-B9FC-4E49-8EDD-29C7E14F5792",
              "versionEndIncluding": "20.12.7",
              "versionStartIncluding": "20.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "15F45363-236B-4040-8AE4-C6C0E204EDBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAB9BA0D-7149-4221-A5AE-D4664E11C86F",
              "versionEndIncluding": "17.12.0.0-17.12.20.0",
              "versionStartIncluding": "17.12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4EAC8-A743-4658-AD72-088A5E747180",
              "versionEndIncluding": "18.8.24.0",
              "versionStartIncluding": "18.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD0DEC50-F4CD-4ACA-A118-D4F0D4F4C981",
              "versionEndIncluding": "19.12.18.0",
              "versionStartIncluding": "19.12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "651104CE-0569-4E6D-ACAB-AD2AC85084DD",
              "versionEndIncluding": "20.12.12.0",
              "versionStartIncluding": "20.12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45D89239-9142-46BD-846D-76A5A74A67B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_p6_professional_project_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E867F5E0-48A0-4D84-A0CA-A428FB2264D4",
              "versionEndIncluding": "17.12.20.0",
              "versionStartIncluding": "17.12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_p6_professional_project_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "05B3FCDE-7EF8-49CA-9C09-9033E5D7B91E",
              "versionEndIncluding": "18.8.24.0",
              "versionStartIncluding": "18.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_p6_professional_project_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "05848067-59FF-4C90-A8BA-D1E4311B3A82",
              "versionEndIncluding": "19.12.17.0",
              "versionStartIncluding": "19.12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_p6_professional_project_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6AD8C8-96ED-4CFB-9953-99139FABCE35",
              "versionEndIncluding": "20.12.9.0",
              "versionStartIncluding": "20.12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_portfolio_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F67F218D-E827-482B-8417-483713F31D69",
              "versionEndIncluding": "18.0.3.0",
              "versionStartIncluding": "18.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_portfolio_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ADB354B-AD0D-4EFA-B7C6-71A35FA0AFF9",
              "versionEndIncluding": "19.0.1.2",
              "versionStartIncluding": "19.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_portfolio_management:20.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B3B01A-532C-45B7-9BFC-19AABF55644B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_portfolio_management:20.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "683ABA64-9F16-4C23-8AF3-BB0C19FED9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "08FA59A8-6A62-4B33-8952-D6E658F8DAC9",
              "versionEndIncluding": "17.12",
              "versionStartIncluding": "17.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "202AD518-2E9B-4062-B063-9858AE1F9CE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "10864586-270E-4ACF-BDCC-ECFCD299305F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "38340E3C-C452-4370-86D4-355B6B4E0A06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9C55C69-E22E-4B80-9371-5CD821D79FE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:rapid_planning:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE004F32-F4DA-45A8-AD11-8924C4F1076A",
              "versionEndIncluding": "12.2.11",
              "versionStartIncluding": "12.2.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:real-time_decision_server:3.2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C914A8CA-352B-4B02-8A2F-D5A6EC04AF53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:real_user_experience_insight:13.4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADD7026-EF85-40A5-8563-7A34C6941B1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:real_user_experience_insight:13.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "58F019E8-F68D-41B5-9480-0A81616F2E7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:rest_data_services:21.2.4:*:*:*:-:*:*:*",
              "matchCriteriaId": "12F5FDCF-EA13-44F1-B3D8-94310CD3841C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_allocation:14.1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "51E83F05-B691-4450-BCA9-32209AEC4F6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_allocation:15.0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "288235F9-2F9E-469A-BE14-9089D0782875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_allocation:16.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6672F9C1-DA04-47F1-B699-C171511ACE38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_allocation:19.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "11E57939-A543-44F7-942A-88690E39EABA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D4D479-0294-4F31-B719-8544C8DC4554",
              "versionEndIncluding": "16.0.2",
              "versionStartIncluding": "16.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_assortment_planning:16.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "48C9BD8E-7214-4B44-B549-6F11B3EA8A04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0735989-13BD-40B3-B954-AC0529C5B53D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58405263-E84C-4071-BB23-165D49034A00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_customer_insights:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "08DF20EA-D1A6-4437-90F6-C0C40273CE5B",
              "versionEndIncluding": "16.0.2",
              "versionStartIncluding": "16.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B92BB355-DB00-438E-84E5-8EC007009576",
              "versionEndIncluding": "19.0",
              "versionStartIncluding": "16.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_eftlink:16.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3796186-D3A7-4259-846B-165AD9CEB7F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_eftlink:17.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEDA5540-692D-47DA-9F68-83158D9AE628",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_eftlink:18.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5435583-C454-4AC9-8A35-D2D30EB252EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_eftlink:19.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2140357-503A-4D2A-A099-CFA4DC649E41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_eftlink:20.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BAE5686-8E11-4EF1-BC7E-5C565F2440C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_extract_transform_and_load:13.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "31FFE404-027E-4B59-B3EF-BD20E1F7EECC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_financial_integration:14.1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "798E4FEE-9B2B-436E-A2B3-B8AA1079892A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_financial_integration:15.0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB86F6C3-981E-4ECA-A5EB-9A9CD73D70C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_financial_integration:16.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B042849-7EF5-4A5F-B6CD-712C0B8735BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_financial_integration:19.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7435071D-0C95-4686-A978-AFC4C9A0D0FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_fiscal_management:14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5F6FD19-A314-4A1F-96CB-6DB1CED79430",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_integration_bus:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A921C710-1C59-429F-B985-67C0DBFD695E",
              "versionEndIncluding": "16.0.3",
              "versionStartIncluding": "16.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_integration_bus:13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "40AABFD3-1D0D-4C6B-BA9A-9DA70241B51C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_integration_bus:14.1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EEF867A-587A-45E1-B2F6-0B903903F0F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_integration_bus:14.1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CFCE558-9972-46A2-8539-C16044F1BAA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_integration_bus:15.0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1194C4E-CF42-4B4D-BA9A-40FDD28F1D58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_integration_bus:19.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDF4CB0-4680-449A-8576-915721D59500",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_integration_bus:19.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD311C33-A309-44D5-BBFB-539D72C7F8C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_invoice_matching:15.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0472632-4104-4397-B619-C4E86A748465",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_invoice_matching:16.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "48E25E7C-F7E8-4739-8251-00ACD11C12FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_merchandising_system:19.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE1BC44A-F0AF-41CD-9CEB-B07AB5ADAB38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "38E74E68-7F19-4EF3-AC00-3C249EAAA39E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0783F0D1-8FAC-4BCA-A6F5-C5C60E86D56D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_order_broker:19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7BD0D41-1BED-4C4F-95C8-8987C98908DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_order_management_system:19.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "99B5DC78-1C24-4F2B-A254-D833FAF47013",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_point-of-sale:14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "274999E6-18ED-46F0-8CF2-56374B3DF174",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:14.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B1A4F12-3E64-41CF-B2B3-B6AB734B69E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:14.1.3.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "9002379B-4FDA-44F3-98EB-0C9B6083E429",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24A3C819-5151-4543-A5C6-998C9387C8A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3.115:*:*:*:*:*:*:*",
              "matchCriteriaId": "476B038D-7F60-482D-87AD-B58BEA35558E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:16.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FB98961-8C99-4490-A6B8-9A5158784F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:16.0.3.240:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB86C644-7B79-4F87-A06D-C178E8C2B8B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_price_management:13.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C19C5CC9-544A-4E4D-8F0A-579BB5270F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_price_management:14.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E1A9B0C-735A-40B4-901C-663CF5162E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_price_management:14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B956113-5B3B-436D-858B-8F29FB304364",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_price_management:14.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0DD7FAB-0E0F-4319-95BF-C90881CE2E7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_price_management:15.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E8917F6-00E7-47EC-B86D-A3B11D5F0E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_price_management:15.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC456422-00B5-498E-A28E-EA834367D943",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_price_management:16.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFC5F424-119D-4C66-8251-E735EEFBC0BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_price_management:16.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C745606-0EF8-4E57-BFBC-C3FB39CB7E1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB925C6-2CBC-4D88-B9EA-F246F4F7A206",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_service_backbone:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CE45891-A6A5-4699-90A6-6F49E60A7987",
              "versionEndIncluding": "16.0.3",
              "versionStartIncluding": "16.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_service_backbone:14.1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "054F9E62-A6D6-4850-83AD-3628C74A4384",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_service_backbone:14.1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E702EBED-DB39-4084-84B1-258BC5FE7545",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_service_backbone:15.0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F7956BF-D5B6-484B-999C-36B45CD8B75B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_service_backbone:19.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D14A54A-4B04-41DE-B731-844D8AC3BE23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_service_backbone:19.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DA6B655-A445-42E5-B6D9-70AB1C04774A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_size_profile_optimization:16.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "74ACC94B-4A9F-451D-B639-6008A108BDDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC41EB8-73B4-4BDF-9321-F34EC0BAF9E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "48EFC111-B01B-4C34-87E4-D6B2C40C0122",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "073FEA23-E46A-4C73-9D29-95CFF4F5A59D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A69FB468-EAF3-4E67-95E7-DF92C281C1F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:sd-wan_aware:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "667A06DE-E173-406F-94DA-1FE64BCFAE18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:sd-wan_edge:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "77E39D5C-5EFA-4FEB-909E-0A92004F2563",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:sd-wan_edge:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06816711-7C49-47B9-A9D7-FB18CC3F42F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8929B61-16EC-4FE0-98A5-1CC7CC7FD9CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:siebel_applications:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CA63BB4-27A9-4B26-B01C-1F527C7B9454",
              "versionEndExcluding": "21.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:spatial_studio:21.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D926BD38-E66E-41DA-9F65-40D68F8D8890",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:thesaurus_management_system:5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "01E3B232-073E-433B-977A-1742B75109B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:thesaurus_management_system:5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F6FDC33-D57E-4C6A-B633-BFC587147037",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:thesaurus_management_system:5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3B01572-9D32-44B2-8FCF-C282C887DB51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:timesten_in-memory_database:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "513AE97F-161C-43D2-B2D1-653125A9E920",
              "versionEndExcluding": "11.2.2.8.27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:timesten_in-memory_database:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34656ECE-15CB-495C-8573-7C98B383F15B",
              "versionEndExcluding": "21.1.1.1.0",
              "versionStartIncluding": "21.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "51309958-121D-4649-AB9A-EBFA3A49F7CB",
              "versionEndIncluding": "4.3.0.6.0",
              "versionStartIncluding": "4.3.0.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5435B365-BFF3-4A9E-B45C-42D8F1E20FB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FAC3840-2CF8-44CE-81BB-EEEBDA00A34A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F906F04-39E4-4BE4-8A73-9D058AAADB43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:utilities_framework:4.4.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B393A82-476A-4270-A903-38ED4169E431",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:utilities_framework:4.4.0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85CAE52B-C2CA-4C6B-A0B7-2B9D6F0499E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3ED272C-A545-4F8C-86C0-2736B3F2DCAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5B4C338-11E1-4235-9D5A-960B2711AC39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C93F84E-9680-44EF-8656-D27440B51698",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "91A2A4B0-88FC-41D1-8719-4FAABED19F8E",
              "versionEndExcluding": "6.1.32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A4F71A-4269-40FC-8F61-1D1301F2B728",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A502118-5B2B-47AE-82EC-1999BD841103",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C93CC705-1F8C-4870-99E6-14BF264C3811",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F14A818F-AA16-4438-A3E4-E64C9287AC66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "04BCDC24-4A21-473C-8733-0D9CFB38A752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:zfs_storage_application_integration_engineering_software:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB85582D-0106-47F1-894F-0BC4FF0B5462",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7569C0BD-16C1-441E-BAEB-840C94BE73EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*",
              "matchCriteriaId": "964B57CD-CB8A-4520-B358-1C93EC5EF2DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E8C192B-8044-4BF9-9F1F-57371FC0E8FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:oracle:fujitsu_m10-1_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DB505EC-A54C-4033-B3A6-24CEF87A855D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:oracle:fujitsu_m10-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F63BFBA-A4D8-43D1-A13E-DEED6AEF596B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:oracle:fujitsu_m10-4_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A48DA6-C5A5-4B3D-B43B-31380223A55A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:oracle:fujitsu_m10-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4BB5347-D09D-4FC5-9F1C-7F3E036C18AD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:oracle:fujitsu_m10-4s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB27AABE-079B-4DF0-ABEF-0D3329685B1E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:oracle:fujitsu_m10-4s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "529D4274-F33B-47C7-A3FB-6F86096FD955",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:oracle:fujitsu_m12-1_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D2D622F-E345-4A4D-861F-6460DF56880C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:oracle:fujitsu_m12-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A534E662-66B7-448B-A763-6B043112C877",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:oracle:fujitsu_m12-2_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCBEE0C8-CC99-4A25-9342-208D4DB91AAD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:oracle:fujitsu_m12-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "95541D18-5C33-49E9-924D-0B21162EC2C4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:oracle:fujitsu_m12-2s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE5C60CD-F890-4E3F-A2C3-9153591E7647",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:oracle:fujitsu_m12-2s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FD4F61-0A4F-4C74-A852-B1CD3639E1D8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad fue encontrada en Hibernate-Validator. La anotaci\u00f3n del validador SafeHtml no puede sanear apropiadamente las cargas \u00fatiles que consisten en c\u00f3digo potencialmente malicioso en los comentarios e instrucciones HTML. Esta vulnerabilidad puede resultar en un ataque de tipo XSS."
    }
  ],
  "id": "CVE-2019-10219",
  "lastModified": "2025-07-07T14:15:21.437",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.5,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-11-08T15:15:11.157",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2020:0159"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2020:0160"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2020:0161"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2020:0164"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2020:0445"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56cee"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/hibernate/hibernate-validator/commit/20d729548511ac5cff6fd459f93de137195420fe"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Adapted/CVE-2019-10219"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Origin/CVE-2019-10219/exploit"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6%40%3Cnotifications.accumulo.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba09114897d%40%3Cnotifications.accumulo.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf%40%3Cnotifications.accumulo.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4%40%3Cpluto-scm.portals.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c%40%3Cpluto-dev.portals.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a%40%3Cpluto-dev.portals.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20220210-0024/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2020:0159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2020:0160"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2020:0161"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2020:0164"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2020:0445"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56ceee"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/hibernate/hibernate-validator/commit/20d729548511ac5cff6fd459f93de137195420fe"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Adapted/CVE-2019-10219"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Origin/CVE-2019-10219/exploit"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6%40%3Cnotifications.accumulo.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba09114897d%40%3Cnotifications.accumulo.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf%40%3Cnotifications.accumulo.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4%40%3Cpluto-scm.portals.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c%40%3Cpluto-dev.portals.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a%40%3Cpluto-dev.portals.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20220210-0024/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

CERTFR-2023-AVI-0648

Vulnerability from certfr_avis - Published: 2023-08-10 - Updated: 2023-08-10

De multiples vulnérabilités ont été découvertes dans les produits NetApp. Elles permettent à un attaquant de provoquer une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
NetApp	NetApp HCI Baseboard Management Controller (BMC) - H300S/H500S/H700S/H410S	NetApp HCI Baseboard Management Controller (BMC) - H300S/H500S/H700S/H410S sans les correctifs de sécurité du 08 août 2023
NetApp	Active IQ Unified Manager pour Linux	Active IQ Unified Manager pour Linux sans les correctifs de sécurité du 08 août 2023
NetApp	NetApp HCI Baseboard Management Controller (BMC) - H410C	NetApp HCI Baseboard Management Controller (BMC) - H410C sans les correctifs de sécurité du 08 août 2023
NetApp	Active IQ Unified Manager pour Microsoft Windows	Active IQ Unified Manager pour Microsoft Windows sans les correctifs de sécurité du 08 août 2023
NetApp	Active IQ Unified Manager pour VMware vSphere	Active IQ Unified Manager pour VMware vSphere sans les correctifs de sécurité du 08 août 2023

References

Title

Publication Time

Tags

Bulletin de sécurité NetApp ntap-20220210-0024 du 08 août 2023	None	vendor-advisory
Bulletin de sécurité NetApp ntap-20230427-0011 du 08 août 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "NetApp HCI Baseboard Management Controller (BMC) - H300S/H500S/H700S/H410S sans les correctifs de s\u00e9curit\u00e9 du 08 ao\u00fbt 2023",
      "product": {
        "name": "NetApp HCI Baseboard Management Controller (BMC) - H300S/H500S/H700S/H410S",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "Active IQ Unified Manager pour Linux sans les correctifs de s\u00e9curit\u00e9 du 08 ao\u00fbt 2023",
      "product": {
        "name": "Active IQ Unified Manager pour Linux",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "NetApp HCI Baseboard Management Controller (BMC) - H410C sans les correctifs de s\u00e9curit\u00e9 du 08 ao\u00fbt 2023",
      "product": {
        "name": "NetApp HCI Baseboard Management Controller (BMC) - H410C",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "Active IQ Unified Manager pour Microsoft Windows sans les correctifs de s\u00e9curit\u00e9 du 08 ao\u00fbt 2023",
      "product": {
        "name": "Active IQ Unified Manager pour Microsoft Windows",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "Active IQ Unified Manager pour VMware vSphere sans les correctifs de s\u00e9curit\u00e9 du 08 ao\u00fbt 2023",
      "product": {
        "name": "Active IQ Unified Manager pour VMware vSphere",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-0812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0812"
    },
    {
      "name": "CVE-2019-10219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10219"
    }
  ],
  "initial_release_date": "2023-08-10T00:00:00",
  "last_revision_date": "2023-08-10T00:00:00",
  "links": [],
  "reference": "CERTFR-2023-AVI-0648",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-08-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nNetApp. Elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits NetApp",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 NetApp ntap-20220210-0024 du 08 ao\u00fbt 2023",
      "url": "https://security.netapp.com/advisory/ntap-20220210-0024/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 NetApp ntap-20230427-0011 du 08 ao\u00fbt 2023",
      "url": "https://security.netapp.com/advisory/ntap-20230427-0011/"
    }
  ]
}

CERTFR-2022-AVI-056

Vulnerability from certfr_avis - Published: 2022-01-19 - Updated: 2022-01-19

De multiples vulnérabilités ont été découvertes dans Oracle WebLogic Server. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Oracle	Weblogic	Oracle WebLogic Server versions 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 et 14.1.1.0.0

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle cpujan2022.html du 18 janvier 2022

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Oracle WebLogic Server versions 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 et 14.1.1.0.0",
      "product": {
        "name": "Weblogic",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-29425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
    },
    {
      "name": "CVE-2022-21371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21371"
    },
    {
      "name": "CVE-2022-21252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21252"
    },
    {
      "name": "CVE-2020-13956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13956"
    },
    {
      "name": "CVE-2022-21292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21292"
    },
    {
      "name": "CVE-2020-2934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2934"
    },
    {
      "name": "CVE-2022-21257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21257"
    },
    {
      "name": "CVE-2021-4104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
    },
    {
      "name": "CVE-2022-21347",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21347"
    },
    {
      "name": "CVE-2022-21361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21361"
    },
    {
      "name": "CVE-2022-21260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21260"
    },
    {
      "name": "CVE-2022-21258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21258"
    },
    {
      "name": "CVE-2021-27568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27568"
    },
    {
      "name": "CVE-2018-1324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1324"
    },
    {
      "name": "CVE-2022-21259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21259"
    },
    {
      "name": "CVE-2019-10219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10219"
    },
    {
      "name": "CVE-2022-21353",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21353"
    },
    {
      "name": "CVE-2022-21306",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21306"
    },
    {
      "name": "CVE-2022-21350",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21350"
    },
    {
      "name": "CVE-2022-21262",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21262"
    },
    {
      "name": "CVE-2021-44832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
    },
    {
      "name": "CVE-2022-21386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21386"
    },
    {
      "name": "CVE-2022-21261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21261"
    },
    {
      "name": "CVE-2020-5258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-5258"
    },
    {
      "name": "CVE-2020-11023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
    }
  ],
  "initial_release_date": "2022-01-19T00:00:00",
  "last_revision_date": "2022-01-19T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-056",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-01-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle WebLogic\nServer. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle WebLogic Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2022.html du 18 janvier 2022",
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html#AppendixFMW"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-10219 (GCVE-0-2019-10219)

GSD-2019-10219

GHSA-M8P2-495H-CCMH

CVE-2019-10219

FKIE_CVE-2019-10219

CERTFR-2023-AVI-0648

Solution

CERTFR-2022-AVI-056

Solution

Tags

Sightings

Nomenclature