Vulnerability-Lookup

CVE-2021-34141 (GCVE-0-2021-34141)

Vulnerability from cvelistv5 – Published: 2021-12-17 18:43 – Updated: 2024-08-04 00:05

Summary

An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is "completely harmless."

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/numpy/numpy/issues/18993	x_refsource_MISC
	https://www.oracle.com/security-alerts/cpujul2022.html	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:05:52.187Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/numpy/numpy/issues/18993"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is \"completely harmless.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-25T16:28:56.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/numpy/numpy/issues/18993"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-34141",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is \"completely harmless.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/numpy/numpy/issues/18993",
              "refsource": "MISC",
              "url": "https://github.com/numpy/numpy/issues/18993"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujul2022.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-34141",
    "datePublished": "2021-12-17T18:43:17.000Z",
    "dateReserved": "2021-06-07T00:00:00.000Z",
    "dateUpdated": "2024-08-04T00:05:52.187Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GHSA-FPFV-JQM9-F5JM

Vulnerability from github – Published: 2021-12-18 00:00 – Updated: 2022-06-21 20:12

Summary

Incorrect Comparison in NumPy

Details

Incomplete string comparison in the numpy.core component in NumPy1.9.x, which allows attackers to fail the APIs via constructing specific string objects.

Severity ?

5.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "numpy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.22"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-34141"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-697"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-06-21T20:12:53Z",
    "nvd_published_at": "2021-12-17T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Incomplete string comparison in the numpy.core component in NumPy1.9.x, which allows attackers to fail the APIs via constructing specific string objects.",
  "id": "GHSA-fpfv-jqm9-f5jm",
  "modified": "2022-06-21T20:12:53Z",
  "published": "2021-12-18T00:00:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34141"
    },
    {
      "type": "WEB",
      "url": "https://github.com/numpy/numpy/issues/18993"
    },
    {
      "type": "WEB",
      "url": "https://github.com/numpy/numpy/issues/18993#issuecomment-1010735102"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-fpfv-jqm9-f5jm"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/numpy/numpy"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/numpy/PYSEC-2021-855.yaml"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Incorrect Comparison in NumPy"
}

PYSEC-2021-855

Vulnerability from pysec - Published: 2021-12-17 19:15 - Updated: 2021-12-22 21:28

Details

Incomplete string comparison in the numpy.core component in NumPy1.9.x, which allows attackers to fail the APIs via constructing specific string objects.

Impacted products

Name	purl
numpy	pkg:pypi/numpy

Aliases

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "numpy",
        "purl": "pkg:pypi/numpy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.9.0"
            },
            {
              "fixed": "1.10.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.9.0",
        "1.9.1",
        "1.9.2",
        "1.9.3"
      ]
    }
  ],
  "aliases": [
    "CVE-2021-34141",
    "GHSA-fpfv-jqm9-f5jm"
  ],
  "details": "Incomplete string comparison in the numpy.core component in NumPy1.9.x, which allows attackers to fail the APIs via constructing specific string objects.",
  "id": "PYSEC-2021-855",
  "modified": "2021-12-22T21:28:25.894913Z",
  "published": "2021-12-17T19:15:00Z",
  "references": [
    {
      "type": "REPORT",
      "url": "https://github.com/numpy/numpy/issues/18993"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-fpfv-jqm9-f5jm"
    }
  ]
}

CERTFR-2025-AVI-0585

Vulnerability from certfr_avis - Published: 2025-07-11 - Updated: 2025-07-11

De multiples vulnérabilités ont été découvertes dans VMware Tanzu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	Tanzu	Tanzu pour Valkey versions antérieures à 8.1.2
VMware	Tanzu	Tanzu pour Postgres sur Kubernetes versions antérieures à 4.2.1
VMware	Tanzu	Tanzu Greenplum versions antérieures à 6.30.0

References

Title

Publication Time

Tags

Bulletin de sécurité VMware 35935	2025-07-11	vendor-advisory
Bulletin de sécurité VMware 35934	2025-07-10	vendor-advisory
Bulletin de sécurité VMware 35931	2025-07-10	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Tanzu pour Valkey versions ant\u00e9rieures \u00e0 8.1.2",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": " Tanzu pour Postgres sur Kubernetes versions ant\u00e9rieures \u00e0 4.2.1",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum versions ant\u00e9rieures \u00e0 6.30.0",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-31651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
    },
    {
      "name": "CVE-2023-1175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1175"
    },
    {
      "name": "CVE-2022-2817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2817"
    },
    {
      "name": "CVE-2022-2182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2182"
    },
    {
      "name": "CVE-2024-37891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
    },
    {
      "name": "CVE-2023-4504",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4504"
    },
    {
      "name": "CVE-2022-2874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2874"
    },
    {
      "name": "CVE-2025-25724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
    },
    {
      "name": "CVE-2024-7531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7531"
    },
    {
      "name": "CVE-2021-25317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25317"
    },
    {
      "name": "CVE-2021-3968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3968"
    },
    {
      "name": "CVE-2023-48237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48237"
    },
    {
      "name": "CVE-2022-2344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2344"
    },
    {
      "name": "CVE-2023-48706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48706"
    },
    {
      "name": "CVE-2022-3016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3016"
    },
    {
      "name": "CVE-2023-7216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7216"
    },
    {
      "name": "CVE-2024-52615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52615"
    },
    {
      "name": "CVE-2021-31535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31535"
    },
    {
      "name": "CVE-2022-2285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2285"
    },
    {
      "name": "CVE-2022-2208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2208"
    },
    {
      "name": "CVE-2022-2982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2982"
    },
    {
      "name": "CVE-2023-5441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5441"
    },
    {
      "name": "CVE-2022-2287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2287"
    },
    {
      "name": "CVE-2022-3153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3153"
    },
    {
      "name": "CVE-2022-2946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2946"
    },
    {
      "name": "CVE-2022-2862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2862"
    },
    {
      "name": "CVE-2022-2889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2889"
    },
    {
      "name": "CVE-2021-4173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4173"
    },
    {
      "name": "CVE-2020-12413",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12413"
    },
    {
      "name": "CVE-2025-4330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
    },
    {
      "name": "CVE-2023-48235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48235"
    },
    {
      "name": "CVE-2023-0051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0051"
    },
    {
      "name": "CVE-2024-43374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43374"
    },
    {
      "name": "CVE-2025-4138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
    },
    {
      "name": "CVE-2024-41957",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41957"
    },
    {
      "name": "CVE-2023-4781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4781"
    },
    {
      "name": "CVE-2023-48231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48231"
    },
    {
      "name": "CVE-2023-2609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2609"
    },
    {
      "name": "CVE-2022-3324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3324"
    },
    {
      "name": "CVE-2024-38819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
    },
    {
      "name": "CVE-2023-1170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1170"
    },
    {
      "name": "CVE-2022-2257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2257"
    },
    {
      "name": "CVE-2024-45306",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45306"
    },
    {
      "name": "CVE-2023-4751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4751"
    },
    {
      "name": "CVE-2021-4136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4136"
    },
    {
      "name": "CVE-2023-4738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4738"
    },
    {
      "name": "CVE-2021-3928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3928"
    },
    {
      "name": "CVE-2015-1197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1197"
    },
    {
      "name": "CVE-2023-48233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48233"
    },
    {
      "name": "CVE-2022-2042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2042"
    },
    {
      "name": "CVE-2022-2183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2183"
    },
    {
      "name": "CVE-2024-29040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29040"
    },
    {
      "name": "CVE-2017-1000383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000383"
    },
    {
      "name": "CVE-2025-47268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
    },
    {
      "name": "CVE-2022-2304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2304"
    },
    {
      "name": "CVE-2025-22233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
    },
    {
      "name": "CVE-2022-2819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2819"
    },
    {
      "name": "CVE-2022-3705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3705"
    },
    {
      "name": "CVE-2023-1264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1264"
    },
    {
      "name": "CVE-2022-4293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4293"
    },
    {
      "name": "CVE-2025-26603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26603"
    },
    {
      "name": "CVE-2024-38820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
    },
    {
      "name": "CVE-2022-3234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3234"
    },
    {
      "name": "CVE-2022-2126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2126"
    },
    {
      "name": "CVE-2021-3973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3973"
    },
    {
      "name": "CVE-2021-4166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4166"
    },
    {
      "name": "CVE-2022-3256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3256"
    },
    {
      "name": "CVE-2025-4517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
    },
    {
      "name": "CVE-2022-2343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2343"
    },
    {
      "name": "CVE-2022-2849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2849"
    },
    {
      "name": "CVE-2025-4565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
    },
    {
      "name": "CVE-2022-3235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3235"
    },
    {
      "name": "CVE-2022-2980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2980"
    },
    {
      "name": "CVE-2024-41965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41965"
    },
    {
      "name": "CVE-2022-3134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3134"
    },
    {
      "name": "CVE-2023-0512",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0512"
    },
    {
      "name": "CVE-2022-2175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2175"
    },
    {
      "name": "CVE-2022-3297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3297"
    },
    {
      "name": "CVE-2022-0213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0213"
    },
    {
      "name": "CVE-2022-1616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1616"
    },
    {
      "name": "CVE-2023-48236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48236"
    },
    {
      "name": "CVE-2025-4435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
    },
    {
      "name": "CVE-2024-47814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47814"
    },
    {
      "name": "CVE-2022-2923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2923"
    },
    {
      "name": "CVE-2025-6020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
    },
    {
      "name": "CVE-2022-2284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2284"
    },
    {
      "name": "CVE-2024-12718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
    },
    {
      "name": "CVE-2024-53920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53920"
    },
    {
      "name": "CVE-2022-2286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2286"
    },
    {
      "name": "CVE-2023-45803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
    },
    {
      "name": "CVE-2022-3352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3352"
    },
    {
      "name": "CVE-2023-0054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0054"
    },
    {
      "name": "CVE-2025-31344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31344"
    },
    {
      "name": "CVE-2025-24014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24014"
    },
    {
      "name": "CVE-2024-35195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
    },
    {
      "name": "CVE-2022-3296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3296"
    },
    {
      "name": "CVE-2021-45261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45261"
    },
    {
      "name": "CVE-2022-42889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
    },
    {
      "name": "CVE-2023-0433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0433"
    },
    {
      "name": "CVE-2022-2345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2345"
    },
    {
      "name": "CVE-2021-3974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3974"
    },
    {
      "name": "CVE-2022-2845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2845"
    },
    {
      "name": "CVE-2022-2210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2210"
    },
    {
      "name": "CVE-2022-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
    },
    {
      "name": "CVE-2023-43804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
    },
    {
      "name": "CVE-2023-4735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4735"
    },
    {
      "name": "CVE-2023-4734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4734"
    },
    {
      "name": "CVE-2023-2610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2610"
    },
    {
      "name": "CVE-2025-29768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-29768"
    },
    {
      "name": "CVE-2022-1620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1620"
    },
    {
      "name": "CVE-2023-5535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5535"
    },
    {
      "name": "CVE-2022-1720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1720"
    },
    {
      "name": "CVE-2025-22871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
    },
    {
      "name": "CVE-2024-38828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
    },
    {
      "name": "CVE-2022-4292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4292"
    },
    {
      "name": "CVE-2024-47081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
    },
    {
      "name": "CVE-2025-22134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22134"
    },
    {
      "name": "CVE-2025-1215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1215"
    },
    {
      "name": "CVE-2023-48232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48232"
    },
    {
      "name": "CVE-2022-2522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2522"
    },
    {
      "name": "CVE-2022-2129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2129"
    },
    {
      "name": "CVE-2023-48234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48234"
    },
    {
      "name": "CVE-2022-0351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
    },
    {
      "name": "CVE-2024-22667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22667"
    },
    {
      "name": "CVE-2023-46246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46246"
    },
    {
      "name": "CVE-2025-27151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27151"
    },
    {
      "name": "CVE-2024-43802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43802"
    },
    {
      "name": "CVE-2025-46701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
    },
    {
      "name": "CVE-2025-5702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5702"
    },
    {
      "name": "CVE-2023-0288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0288"
    },
    {
      "name": "CVE-2025-52968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52968"
    },
    {
      "name": "CVE-2022-3037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3037"
    },
    {
      "name": "CVE-2022-1674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1674"
    },
    {
      "name": "CVE-2022-3278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3278"
    },
    {
      "name": "CVE-2022-2206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2206"
    },
    {
      "name": "CVE-2024-3651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
    },
    {
      "name": "CVE-2022-2124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2124"
    },
    {
      "name": "CVE-2023-7207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7207"
    },
    {
      "name": "CVE-2022-1619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1619"
    },
    {
      "name": "CVE-2025-31650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31650"
    },
    {
      "name": "CVE-2022-4141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4141"
    },
    {
      "name": "CVE-2022-3099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3099"
    },
    {
      "name": "CVE-2021-4187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4187"
    },
    {
      "name": "CVE-2023-32681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
    },
    {
      "name": "CVE-2021-3927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3927"
    },
    {
      "name": "CVE-2024-38816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
    },
    {
      "name": "CVE-2021-34141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34141"
    },
    {
      "name": "CVE-2023-0049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0049"
    },
    {
      "name": "CVE-2023-5344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5344"
    },
    {
      "name": "CVE-2021-33430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33430"
    },
    {
      "name": "CVE-2022-2125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2125"
    },
    {
      "name": "CVE-2022-2207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2207"
    },
    {
      "name": "CVE-2017-6519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6519"
    },
    {
      "name": "CVE-2025-3576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
    },
    {
      "name": "CVE-2023-1127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1127"
    }
  ],
  "initial_release_date": "2025-07-11T00:00:00",
  "last_revision_date": "2025-07-11T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0585",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-07-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans VMware Tanzu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware Tanzu",
  "vendor_advisories": [
    {
      "published_at": "2025-07-11",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35935",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35935"
    },
    {
      "published_at": "2025-07-10",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35934",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35934"
    },
    {
      "published_at": "2025-07-10",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35931",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35931"
    }
  ]
}

CERTFR-2022-AVI-767

Vulnerability from certfr_avis - Published: 2022-08-24 - Updated: 2022-08-24

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	QRadar SIEM	IBM QRadar SIEM versions 7.3.x antérieures à 7.3.3 Fix Pack 12
IBM	QRadar SIEM	IBM QRadar SIEM versions 7.5.x antérieures à 7.5.0 Update Pack 2
IBM	Spectrum	IBM Spectrum Discover versions antérieures à 2.0.4.7
IBM	QRadar SIEM	IBM QRadar SIEM versions 7.4.x antérieures à 7.4.3 Fix Pack 6

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 6614909 du 23 août 2022	None	vendor-advisory
Bulletin de sécurité IBM 6614725 du 23 août 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM QRadar SIEM versions 7.3.x ant\u00e9rieures \u00e0 7.3.3 Fix Pack 12",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 Update Pack 2",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Spectrum Discover versions ant\u00e9rieures \u00e0 2.0.4.7",
      "product": {
        "name": "Spectrum",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM QRadar SIEM versions 7.4.x ant\u00e9rieures \u00e0 7.4.3 Fix Pack 6",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-44906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
    },
    {
      "name": "CVE-2021-20180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20180"
    },
    {
      "name": "CVE-2021-45960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
    },
    {
      "name": "CVE-2022-24407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
    },
    {
      "name": "CVE-2020-25658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25658"
    },
    {
      "name": "CVE-2020-15084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15084"
    },
    {
      "name": "CVE-2021-28169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28169"
    },
    {
      "name": "CVE-2021-3677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3677"
    },
    {
      "name": "CVE-2022-22823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
    },
    {
      "name": "CVE-2022-24773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24773"
    },
    {
      "name": "CVE-2022-25315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
    },
    {
      "name": "CVE-2022-22822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
    },
    {
      "name": "CVE-2020-7720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7720"
    },
    {
      "name": "CVE-2022-24302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24302"
    },
    {
      "name": "CVE-2020-14330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14330"
    },
    {
      "name": "CVE-2021-42581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42581"
    },
    {
      "name": "CVE-2021-43138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
    },
    {
      "name": "CVE-2021-28163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28163"
    },
    {
      "name": "CVE-2021-28165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28165"
    },
    {
      "name": "CVE-2022-23852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
    },
    {
      "name": "CVE-2022-22825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
    },
    {
      "name": "CVE-2021-4083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4083"
    },
    {
      "name": "CVE-2021-43859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43859"
    },
    {
      "name": "CVE-2022-25235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
    },
    {
      "name": "CVE-2021-41496",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41496"
    },
    {
      "name": "CVE-2021-46143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
    },
    {
      "name": "CVE-2021-46462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46462"
    },
    {
      "name": "CVE-2021-22060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22060"
    },
    {
      "name": "CVE-2021-23386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23386"
    },
    {
      "name": "CVE-2022-0718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0718"
    },
    {
      "name": "CVE-2019-18874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18874"
    },
    {
      "name": "CVE-2022-22827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
    },
    {
      "name": "CVE-2022-1214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1214"
    },
    {
      "name": "CVE-2022-24772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24772"
    },
    {
      "name": "CVE-2022-25236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
    },
    {
      "name": "CVE-2022-22720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22720"
    },
    {
      "name": "CVE-2021-34429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34429"
    },
    {
      "name": "CVE-2022-0122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0122"
    },
    {
      "name": "CVE-2021-28164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28164"
    },
    {
      "name": "CVE-2022-22826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
    },
    {
      "name": "CVE-2022-24771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24771"
    },
    {
      "name": "CVE-2021-44907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44907"
    },
    {
      "name": "CVE-2017-1000048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000048"
    },
    {
      "name": "CVE-2021-46461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46461"
    },
    {
      "name": "CVE-2022-22824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
    },
    {
      "name": "CVE-2021-34141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34141"
    },
    {
      "name": "CVE-2020-13757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13757"
    },
    {
      "name": "CVE-2020-7598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7598"
    },
    {
      "name": "CVE-2021-3533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3533"
    },
    {
      "name": "CVE-2021-46463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46463"
    },
    {
      "name": "CVE-2017-16137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16137"
    },
    {
      "name": "CVE-2022-26488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
    },
    {
      "name": "CVE-2021-34428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34428"
    },
    {
      "name": "CVE-2020-28463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28463"
    }
  ],
  "initial_release_date": "2022-08-24T00:00:00",
  "last_revision_date": "2022-08-24T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-767",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-08-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6614909 du 23 ao\u00fbt 2022",
      "url": "https://www.ibm.com/support/pages/node/6614909"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6614725 du 23 ao\u00fbt 2022",
      "url": "https://www.ibm.com/support/pages/node/6614725"
    }
  ]
}

CERTFR-2025-AVI-0524

Vulnerability from certfr_avis - Published: 2025-06-19 - Updated: 2025-06-19

De multiples vulnérabilités ont été découvertes dans VMware Tanzu. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	Tanzu Greenplum	Tanzu Greenplum Data Copy Utility versions antérieures à 2.8.0
VMware	Tanzu	Tanzu Data Lake versions antérieures à 1.1.0
VMware	Tanzu	Tanzu pour Postgres sur Kubernetes versions antérieures à 4.1.0 et 4.2.0
VMware	Tanzu Greenplum	Tanzu Greenplum Command Center versions antérieures à 6.14.0 et 7.4.0
VMware	Tanzu Greenplum	Tanzu Greenplum Backup and Restore versions antérieures à 1.31.1
VMware	Tanzu Greenplum	Tanzu Greenplum Streaming Server versions antérieures à 2.1.0
VMware	Tanzu Greenplum	Tanzu Greenplum versions 6.x antérieures à 6.29.1
VMware	Tanzu Greenplum	Tanzu Greenplum versions 7.x antérieures à 7.5.0
VMware	Tanzu	VMware Tanzu pour Valkey sur Kubernetes versions antérieures à 1.1.0 et 2.0.0

References

Title

Publication Time

Tags

Bulletin de sécurité VMware 35841	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35844	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35843	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35842	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35846	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35849	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35840	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35847	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35839	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35845	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35848	2025-06-18	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Tanzu Greenplum Data Copy Utility  versions ant\u00e9rieures \u00e0  2.8.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Data Lake versions ant\u00e9rieures \u00e0 1.1.0",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu pour Postgres sur Kubernetes  versions ant\u00e9rieures \u00e0 4.1.0 et 4.2.0",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum Command Center  versions ant\u00e9rieures \u00e0  6.14.0 et 7.4.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum Backup and Restore  versions ant\u00e9rieures \u00e0  1.31.1",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum Streaming Server  versions ant\u00e9rieures \u00e0  2.1.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum  versions 6.x ant\u00e9rieures \u00e0  6.29.1",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum  versions 7.x ant\u00e9rieures \u00e0  7.5.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Tanzu pour Valkey sur Kubernetes  versions ant\u00e9rieures \u00e0 1.1.0 et 2.0.0",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2019-2126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2126"
    },
    {
      "name": "CVE-2020-11023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
    },
    {
      "name": "CVE-2019-12900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
    },
    {
      "name": "CVE-2022-30633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
    },
    {
      "name": "CVE-2022-1705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
    },
    {
      "name": "CVE-2022-27664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
    },
    {
      "name": "CVE-2022-28131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
    },
    {
      "name": "CVE-2022-32148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
    },
    {
      "name": "CVE-2022-32189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
    },
    {
      "name": "CVE-2022-1962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
    },
    {
      "name": "CVE-2022-30635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
    },
    {
      "name": "CVE-2022-30631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
    },
    {
      "name": "CVE-2022-30632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
    },
    {
      "name": "CVE-2022-30630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
    },
    {
      "name": "CVE-2022-29526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
    },
    {
      "name": "CVE-2021-45943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45943"
    },
    {
      "name": "CVE-2021-34141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34141"
    },
    {
      "name": "CVE-2022-1941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1941"
    },
    {
      "name": "CVE-2022-1271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
    },
    {
      "name": "CVE-2022-41862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41862"
    },
    {
      "name": "CVE-2022-41717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
    },
    {
      "name": "CVE-2023-0464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
    },
    {
      "name": "CVE-2022-2879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
    },
    {
      "name": "CVE-2022-41715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
    },
    {
      "name": "CVE-2022-2880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
    },
    {
      "name": "CVE-2023-0466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
    },
    {
      "name": "CVE-2023-0465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
    },
    {
      "name": "CVE-2022-30629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
    },
    {
      "name": "CVE-2022-41723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
    },
    {
      "name": "CVE-2022-30580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
    },
    {
      "name": "CVE-2022-40898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40898"
    },
    {
      "name": "CVE-2022-41725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
    },
    {
      "name": "CVE-2022-41724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
    },
    {
      "name": "CVE-2023-24532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
    },
    {
      "name": "CVE-2023-24537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
    },
    {
      "name": "CVE-2023-2455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2455"
    },
    {
      "name": "CVE-2023-2650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
    },
    {
      "name": "CVE-2023-24536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
    },
    {
      "name": "CVE-2023-24538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
    },
    {
      "name": "CVE-2023-1255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
    },
    {
      "name": "CVE-2023-24540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
    },
    {
      "name": "CVE-2023-29400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
    },
    {
      "name": "CVE-2023-24539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
    },
    {
      "name": "CVE-2023-2975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
    },
    {
      "name": "CVE-2023-3446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
    },
    {
      "name": "CVE-2023-3817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
    },
    {
      "name": "CVE-2023-29404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
    },
    {
      "name": "CVE-2023-29402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
    },
    {
      "name": "CVE-2023-29403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
    },
    {
      "name": "CVE-2023-29405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
    },
    {
      "name": "CVE-2023-37920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
    },
    {
      "name": "CVE-2023-29409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
    },
    {
      "name": "CVE-2023-29406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
    },
    {
      "name": "CVE-2023-32681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2023-5363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
    },
    {
      "name": "CVE-2023-4807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
    },
    {
      "name": "CVE-2023-4752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4752"
    },
    {
      "name": "CVE-2023-45853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
    },
    {
      "name": "CVE-2023-5678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
    },
    {
      "name": "CVE-2023-5870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5870"
    },
    {
      "name": "CVE-2022-0543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0543"
    },
    {
      "name": "CVE-2023-4039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
    },
    {
      "name": "CVE-2021-46848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
    },
    {
      "name": "CVE-2023-4016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
    },
    {
      "name": "CVE-2023-29383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
    },
    {
      "name": "CVE-2023-6237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
    },
    {
      "name": "CVE-2023-39323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
    },
    {
      "name": "CVE-2023-31484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
    },
    {
      "name": "CVE-2023-24534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
    },
    {
      "name": "CVE-2023-6129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
    },
    {
      "name": "CVE-2023-39318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
    },
    {
      "name": "CVE-2023-39319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
    },
    {
      "name": "CVE-2024-0727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
    },
    {
      "name": "CVE-2024-1580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1580"
    },
    {
      "name": "CVE-2016-2781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
    },
    {
      "name": "CVE-2023-39326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
    },
    {
      "name": "CVE-2023-45285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
    },
    {
      "name": "CVE-2023-45288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
    },
    {
      "name": "CVE-2024-4603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
    },
    {
      "name": "CVE-2023-45289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
    },
    {
      "name": "CVE-2023-45290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
    },
    {
      "name": "CVE-2024-24783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
    },
    {
      "name": "CVE-2024-24784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
    },
    {
      "name": "CVE-2024-24785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
    },
    {
      "name": "CVE-2024-4741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
    },
    {
      "name": "CVE-2024-23807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23807"
    },
    {
      "name": "CVE-2024-5535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
    },
    {
      "name": "CVE-2023-5752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
    },
    {
      "name": "CVE-2024-3651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
    },
    {
      "name": "CVE-2024-3596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
    },
    {
      "name": "CVE-2024-26458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
    },
    {
      "name": "CVE-2024-26461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
    },
    {
      "name": "CVE-2024-35195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
    },
    {
      "name": "CVE-2023-4641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
    },
    {
      "name": "CVE-2024-22365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
    },
    {
      "name": "CVE-2024-22667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22667"
    },
    {
      "name": "CVE-2023-6228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
    },
    {
      "name": "CVE-2023-45287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
    },
    {
      "name": "CVE-2024-24787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
    },
    {
      "name": "CVE-2024-24788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
    },
    {
      "name": "CVE-2024-7348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7348"
    },
    {
      "name": "CVE-2023-7008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
    },
    {
      "name": "CVE-2024-6119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
    },
    {
      "name": "CVE-2024-24789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
    },
    {
      "name": "CVE-2024-34155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
    },
    {
      "name": "CVE-2024-34156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
    },
    {
      "name": "CVE-2024-34158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
    },
    {
      "name": "CVE-2024-24790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
    },
    {
      "name": "CVE-2024-9143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
    },
    {
      "name": "CVE-2022-48468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48468"
    },
    {
      "name": "CVE-2023-48161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48161"
    },
    {
      "name": "CVE-2024-11168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
    },
    {
      "name": "CVE-2024-10976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10976"
    },
    {
      "name": "CVE-2024-10977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10977"
    },
    {
      "name": "CVE-2024-10978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10978"
    },
    {
      "name": "CVE-2024-10979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10979"
    },
    {
      "name": "CVE-2024-10041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
    },
    {
      "name": "CVE-2024-10963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
    },
    {
      "name": "CVE-2025-21490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21490"
    },
    {
      "name": "CVE-2025-21491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21491"
    },
    {
      "name": "CVE-2025-21497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21497"
    },
    {
      "name": "CVE-2025-21500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21500"
    },
    {
      "name": "CVE-2025-21501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21501"
    },
    {
      "name": "CVE-2025-21503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21503"
    },
    {
      "name": "CVE-2025-21505",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21505"
    },
    {
      "name": "CVE-2025-21519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21519"
    },
    {
      "name": "CVE-2025-21522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21522"
    },
    {
      "name": "CVE-2025-21523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21523"
    },
    {
      "name": "CVE-2025-21529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21529"
    },
    {
      "name": "CVE-2025-21540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21540"
    },
    {
      "name": "CVE-2025-21546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21546"
    },
    {
      "name": "CVE-2025-21555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21555"
    },
    {
      "name": "CVE-2025-21559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21559"
    },
    {
      "name": "CVE-2025-0938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
    },
    {
      "name": "CVE-2025-0167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
    },
    {
      "name": "CVE-2024-12797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
    },
    {
      "name": "CVE-2024-13176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
    },
    {
      "name": "CVE-2025-1094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
    },
    {
      "name": "CVE-2022-49043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
    },
    {
      "name": "CVE-2024-51744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
    },
    {
      "name": "CVE-2024-24791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
    },
    {
      "name": "CVE-2023-24531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
    },
    {
      "name": "CVE-2024-45336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
    },
    {
      "name": "CVE-2024-45341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
    },
    {
      "name": "CVE-2025-22866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
    },
    {
      "name": "CVE-2025-22870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
    },
    {
      "name": "CVE-2024-56171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
    },
    {
      "name": "CVE-2022-42967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42967"
    },
    {
      "name": "CVE-2024-8176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
    },
    {
      "name": "CVE-2025-24928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
    },
    {
      "name": "CVE-2025-22871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
    },
    {
      "name": "CVE-2025-22235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
    },
    {
      "name": "CVE-2025-31650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31650"
    },
    {
      "name": "CVE-2025-31651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
    },
    {
      "name": "CVE-2025-30204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
    },
    {
      "name": "CVE-2025-27363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
    },
    {
      "name": "CVE-2025-22233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
    },
    {
      "name": "CVE-2024-55549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
    },
    {
      "name": "CVE-2024-9287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
    },
    {
      "name": "CVE-2025-22869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
    },
    {
      "name": "CVE-2025-46701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
    },
    {
      "name": "CVE-2024-12133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
    },
    {
      "name": "CVE-2024-12243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
    },
    {
      "name": "CVE-2024-2236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
    },
    {
      "name": "CVE-2025-0395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
    },
    {
      "name": "CVE-2025-1390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
    },
    {
      "name": "CVE-2025-31115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
    },
    {
      "name": "CVE-2012-0880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0880"
    },
    {
      "name": "CVE-2017-17507",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-17507"
    },
    {
      "name": "CVE-2017-8806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8806"
    },
    {
      "name": "CVE-2018-10126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-10126"
    },
    {
      "name": "CVE-2018-11205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-11205"
    },
    {
      "name": "CVE-2018-13866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13866"
    },
    {
      "name": "CVE-2018-13867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13867"
    },
    {
      "name": "CVE-2018-13868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13868"
    },
    {
      "name": "CVE-2018-13869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13869"
    },
    {
      "name": "CVE-2018-13870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13870"
    },
    {
      "name": "CVE-2018-13871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13871"
    },
    {
      "name": "CVE-2018-13872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13872"
    },
    {
      "name": "CVE-2018-13874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13874"
    },
    {
      "name": "CVE-2018-13875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13875"
    },
    {
      "name": "CVE-2018-13876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13876"
    },
    {
      "name": "CVE-2018-14031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14031"
    },
    {
      "name": "CVE-2018-14033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14033"
    },
    {
      "name": "CVE-2018-14034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14034"
    },
    {
      "name": "CVE-2018-14035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14035"
    },
    {
      "name": "CVE-2018-14460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14460"
    },
    {
      "name": "CVE-2018-15671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-15671"
    },
    {
      "name": "CVE-2018-16438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16438"
    },
    {
      "name": "CVE-2018-17432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17432"
    },
    {
      "name": "CVE-2018-17433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17433"
    },
    {
      "name": "CVE-2018-17434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17434"
    },
    {
      "name": "CVE-2018-17435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17435"
    },
    {
      "name": "CVE-2018-17436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17436"
    },
    {
      "name": "CVE-2018-17437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17437"
    },
    {
      "name": "CVE-2018-17438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17438"
    },
    {
      "name": "CVE-2018-17439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17439"
    },
    {
      "name": "CVE-2019-20005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20005"
    },
    {
      "name": "CVE-2019-20006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20006"
    },
    {
      "name": "CVE-2019-20007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20007"
    },
    {
      "name": "CVE-2019-20198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20198"
    },
    {
      "name": "CVE-2019-20199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20199"
    },
    {
      "name": "CVE-2019-20200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20200"
    },
    {
      "name": "CVE-2019-20201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20201"
    },
    {
      "name": "CVE-2019-20202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20202"
    },
    {
      "name": "CVE-2019-6988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6988"
    },
    {
      "name": "CVE-2019-8396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8396"
    },
    {
      "name": "CVE-2019-8397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8397"
    },
    {
      "name": "CVE-2019-8398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8398"
    },
    {
      "name": "CVE-2019-9151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9151"
    },
    {
      "name": "CVE-2019-9152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9152"
    },
    {
      "name": "CVE-2020-10809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10809"
    },
    {
      "name": "CVE-2020-10810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10810"
    },
    {
      "name": "CVE-2020-10811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10811"
    },
    {
      "name": "CVE-2020-10812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10812"
    },
    {
      "name": "CVE-2020-18232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-18232"
    },
    {
      "name": "CVE-2020-18494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-18494"
    },
    {
      "name": "CVE-2021-26220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-26220"
    },
    {
      "name": "CVE-2021-26221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-26221"
    },
    {
      "name": "CVE-2021-26222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-26222"
    },
    {
      "name": "CVE-2021-30485",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30485"
    },
    {
      "name": "CVE-2021-31229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31229"
    },
    {
      "name": "CVE-2021-31347",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31347"
    },
    {
      "name": "CVE-2021-31348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31348"
    },
    {
      "name": "CVE-2021-31598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31598"
    },
    {
      "name": "CVE-2021-33430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33430"
    },
    {
      "name": "CVE-2021-37501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37501"
    },
    {
      "name": "CVE-2021-45829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45829"
    },
    {
      "name": "CVE-2021-45830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45830"
    },
    {
      "name": "CVE-2021-45832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45832"
    },
    {
      "name": "CVE-2021-45833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45833"
    },
    {
      "name": "CVE-2021-46242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46242"
    },
    {
      "name": "CVE-2021-46243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46243"
    },
    {
      "name": "CVE-2021-46244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46244"
    },
    {
      "name": "CVE-2022-25942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25942"
    },
    {
      "name": "CVE-2022-25972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25972"
    },
    {
      "name": "CVE-2022-26061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26061"
    },
    {
      "name": "CVE-2022-30045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30045"
    },
    {
      "name": "CVE-2022-4055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4055"
    },
    {
      "name": "CVE-2022-47655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47655"
    },
    {
      "name": "CVE-2023-0996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0996"
    },
    {
      "name": "CVE-2023-29659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29659"
    },
    {
      "name": "CVE-2023-32570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
    },
    {
      "name": "CVE-2023-39328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
    },
    {
      "name": "CVE-2023-39329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39329"
    },
    {
      "name": "CVE-2023-51792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
    },
    {
      "name": "CVE-2023-6879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6879"
    },
    {
      "name": "CVE-2024-27304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27304"
    },
    {
      "name": "CVE-2024-29157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29157"
    },
    {
      "name": "CVE-2024-29158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29158"
    },
    {
      "name": "CVE-2024-29159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29159"
    },
    {
      "name": "CVE-2024-29160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29160"
    },
    {
      "name": "CVE-2024-29161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29161"
    },
    {
      "name": "CVE-2024-29162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29162"
    },
    {
      "name": "CVE-2024-29163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29163"
    },
    {
      "name": "CVE-2024-29164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29164"
    },
    {
      "name": "CVE-2024-29165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29165"
    },
    {
      "name": "CVE-2024-29166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29166"
    },
    {
      "name": "CVE-2024-32605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32605"
    },
    {
      "name": "CVE-2024-32606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32606"
    },
    {
      "name": "CVE-2024-32607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32607"
    },
    {
      "name": "CVE-2024-32608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32608"
    },
    {
      "name": "CVE-2024-32609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32609"
    },
    {
      "name": "CVE-2024-32610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32610"
    },
    {
      "name": "CVE-2024-32611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32611"
    },
    {
      "name": "CVE-2024-32612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32612"
    },
    {
      "name": "CVE-2024-32613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32613"
    },
    {
      "name": "CVE-2024-32614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32614"
    },
    {
      "name": "CVE-2024-32615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32615"
    },
    {
      "name": "CVE-2024-32616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32616"
    },
    {
      "name": "CVE-2024-32617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32617"
    },
    {
      "name": "CVE-2024-32618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32618"
    },
    {
      "name": "CVE-2024-32619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32619"
    },
    {
      "name": "CVE-2024-32620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32620"
    },
    {
      "name": "CVE-2024-32621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32621"
    },
    {
      "name": "CVE-2024-32622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32622"
    },
    {
      "name": "CVE-2024-32623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32623"
    },
    {
      "name": "CVE-2024-32624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32624"
    },
    {
      "name": "CVE-2024-33873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33873"
    },
    {
      "name": "CVE-2024-33874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33874"
    },
    {
      "name": "CVE-2024-33875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33875"
    },
    {
      "name": "CVE-2024-33876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33876"
    },
    {
      "name": "CVE-2024-33877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33877"
    },
    {
      "name": "CVE-2024-34402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34402"
    },
    {
      "name": "CVE-2024-34403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34403"
    },
    {
      "name": "CVE-2024-38949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
    },
    {
      "name": "CVE-2024-38950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
    },
    {
      "name": "CVE-2024-41996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41996"
    },
    {
      "name": "CVE-2024-45993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
    },
    {
      "name": "CVE-2024-46981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46981"
    },
    {
      "name": "CVE-2024-49203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49203"
    },
    {
      "name": "CVE-2024-5171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5171"
    },
    {
      "name": "CVE-2024-51741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51741"
    },
    {
      "name": "CVE-2024-52522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52522"
    },
    {
      "name": "CVE-2024-52616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
    },
    {
      "name": "CVE-2024-53427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
    },
    {
      "name": "CVE-2024-53920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53920"
    },
    {
      "name": "CVE-2024-56378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56378"
    },
    {
      "name": "CVE-2024-56406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
    },
    {
      "name": "CVE-2024-56826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
    },
    {
      "name": "CVE-2024-56827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
    },
    {
      "name": "CVE-2024-6716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6716"
    },
    {
      "name": "CVE-2025-2153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2153"
    },
    {
      "name": "CVE-2025-22872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
    },
    {
      "name": "CVE-2025-23022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23022"
    },
    {
      "name": "CVE-2025-24528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24528"
    },
    {
      "name": "CVE-2025-4802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
    }
  ],
  "initial_release_date": "2025-06-19T00:00:00",
  "last_revision_date": "2025-06-19T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0524",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-06-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans VMware Tanzu. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware Tanzu",
  "vendor_advisories": [
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35841",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35841"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35844",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35844"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35843",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35843"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35842",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35842"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35846",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35846"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35849",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35849"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35840",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35840"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35847",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35847"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35839",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35839"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35845",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35845"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35848",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35848"
    }
  ]
}

CERTFR-2024-AVI-0670

Vulnerability from certfr_avis - Published: 2024-08-13 - Updated: 2024-08-13

De multiples vulnérabilités ont été découvertes dans Splunk Machine Learning Toolkit. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Splunk	Machine Learning Toolkit	Machine Learning Toolkit versions antérieures à 5.4.2 avec un version de Python for Scientific Computing antérieures à 4.2.1

References

Title

Publication Time

Tags

Bulletin de sécurité Splunk SVD-2024-0801

2024-08-12

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Machine Learning Toolkit versions ant\u00e9rieures \u00e0 5.4.2 avec un version de Python for Scientific Computing ant\u00e9rieures \u00e0 4.2.1 ",
      "product": {
        "name": "Machine Learning Toolkit",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2022-40899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40899"
    },
    {
      "name": "CVE-2024-37891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
    },
    {
      "name": "CVE-2024-31583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-31583"
    },
    {
      "name": "CVE-2022-25882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25882"
    },
    {
      "name": "CVE-2023-37920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
    },
    {
      "name": "CVE-2024-3772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3772"
    },
    {
      "name": "CVE-2020-28975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28975"
    },
    {
      "name": "CVE-2024-3568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3568"
    },
    {
      "name": "CVE-2022-40897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
    },
    {
      "name": "CVE-2023-7018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7018"
    },
    {
      "name": "CVE-2024-34062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34062"
    },
    {
      "name": "CVE-2024-27319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27319"
    },
    {
      "name": "CVE-2023-45803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
    },
    {
      "name": "CVE-2024-27318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27318"
    },
    {
      "name": "CVE-2022-45907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-45907"
    },
    {
      "name": "CVE-2020-28473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28473"
    },
    {
      "name": "CVE-2024-35195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
    },
    {
      "name": "CVE-2023-6730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6730"
    },
    {
      "name": "CVE-2024-5206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5206"
    },
    {
      "name": "CVE-2023-43804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
    },
    {
      "name": "CVE-2024-31580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-31580"
    },
    {
      "name": "CVE-2024-3651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
    },
    {
      "name": "CVE-2023-2800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2800"
    },
    {
      "name": "CVE-2022-31799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31799"
    },
    {
      "name": "CVE-2021-34141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34141"
    },
    {
      "name": "CVE-2023-5678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
    },
    {
      "name": "CVE-2023-25399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25399"
    },
    {
      "name": "CVE-2024-6345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
    }
  ],
  "initial_release_date": "2024-08-13T00:00:00",
  "last_revision_date": "2024-08-13T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0670",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-08-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Splunk Machine Learning Toolkit. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Splunk Machine Learning Toolkit",
  "vendor_advisories": [
    {
      "published_at": "2024-08-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2024-0801",
      "url": "https://advisory.splunk.com/advisories/SVD-2024-0801"
    }
  ]
}

FKIE_CVE-2021-34141

Vulnerability from fkie_nvd - Published: 2021-12-17 19:15 - Updated: 2024-11-21 06:09

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

References

URL	Tags
cve@mitre.org	https://github.com/numpy/numpy/issues/18993	Exploit, Issue Tracking, Patch, Third Party Advisory
cve@mitre.org	https://www.oracle.com/security-alerts/cpujul2022.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/numpy/numpy/issues/18993	Exploit, Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpujul2022.html	Patch, Third Party Advisory

Impacted products

	Vendor	Product	Version
	numpy	numpy	*
	oracle	communications_cloud_native_core_policy	22.1.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:numpy:numpy:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EB75A95-68BF-48A9-9E5D-9571C7D25352",
              "versionEndExcluding": "1.22.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B0C905A-EA99-4B4E-A350-7F6A63CD6EB1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is \"completely harmless.\""
    },
    {
      "lang": "es",
      "value": "Una comparaci\u00f3n incompleta de cadenas en el componente numpy.core en NumPy en versiones anteriores a la 1.22.0, permite a los atacantes activar una copia ligeramente incorrecta mediante la construcci\u00f3n de objetos de cadena espec\u00edficos. NOTA: el proveedor afirma que este comportamiento de c\u00f3digo reportado es \"completamente inofensivo\"."
    }
  ],
  "id": "CVE-2021-34141",
  "lastModified": "2024-11-21T06:09:56.397",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-12-17T19:15:07.543",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/numpy/numpy/issues/18993"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/numpy/numpy/issues/18993"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-697"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2021-34141

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-34141

Aliases

CVE-2021-34141

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-34141",
    "description": "An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is \"completely harmless.\"",
    "id": "GSD-2021-34141",
    "references": [
      "https://www.suse.com/security/cve/CVE-2021-34141.html",
      "https://ubuntu.com/security/CVE-2021-34141"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-34141"
      ],
      "details": "An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is \"completely harmless.\"",
      "id": "GSD-2021-34141",
      "modified": "2023-12-13T01:23:14.606412Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2021-34141",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is \"completely harmless.\""
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/numpy/numpy/issues/18993",
            "refsource": "MISC",
            "url": "https://github.com/numpy/numpy/issues/18993"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpujul2022.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c1.22.0",
          "affected_versions": "All versions before 1.22.0",
          "cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "cwe_ids": [
            "CWE-1035",
            "CWE-697",
            "CWE-937"
          ],
          "date": "2023-02-24",
          "description": "Incomplete string comparison in the numpy.core allows attackers to fail the APIs via constructing specific string objects.",
          "fixed_versions": [
            "1.22.0"
          ],
          "identifier": "CVE-2021-34141",
          "identifiers": [
            "CVE-2021-34141"
          ],
          "not_impacted": "All versions starting from 1.22.0",
          "package_slug": "pypi/numpy",
          "pubdate": "2021-12-17",
          "solution": "Upgrade to version 1.22.0 or above.",
          "title": "Incorrect Comparison",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-34141",
            "https://github.com/numpy/numpy/issues/18993"
          ],
          "uuid": "115c860c-0c6e-4d62-be39-d124419f8524"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:numpy:numpy:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.22.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-34141"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is \"completely harmless.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-697"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/numpy/numpy/issues/18993",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Issue Tracking",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/numpy/numpy/issues/18993"
            },
            {
              "name": "N/A",
              "refsource": "N/A",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 1.4
        }
      },
      "lastModifiedDate": "2023-02-24T15:35Z",
      "publishedDate": "2021-12-17T19:15Z"
    }
  }
}

CNVD-2021-101680

Vulnerability from cnvd - Published: 2021-12-23

Title

NumPy存在未明漏洞（CNVD-2021-101680）

Description

NumPy是一个Python科学计算包。该产品支持大量的维度数组与矩阵计算，同时针对数据运算提供大量的数学函数库。 NumPy 1.9存在安全漏洞，该漏洞源于软件中不完整的字符串比较。攻击者可利用该漏洞通过构造特定的字符串对象来破坏api。

Severity

高

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://github.com/numpy/numpy/pull/19539

Reference

https://nvd.nist.gov/vuln/detail/CVE-2021-34141

Impacted products

Name
NumPy NumPy >=1.9.0，<=1.9.3

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-34141"
    }
  },
  "description": "NumPy\u662f\u4e00\u4e2aPython\u79d1\u5b66\u8ba1\u7b97\u5305\u3002\u8be5\u4ea7\u54c1\u652f\u6301\u5927\u91cf\u7684\u7ef4\u5ea6\u6570\u7ec4\u4e0e\u77e9\u9635\u8ba1\u7b97\uff0c\u540c\u65f6\u9488\u5bf9\u6570\u636e\u8fd0\u7b97\u63d0\u4f9b\u5927\u91cf\u7684\u6570\u5b66\u51fd\u6570\u5e93\u3002\n\nNumPy 1.9\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8f6f\u4ef6\u4e2d\u4e0d\u5b8c\u6574\u7684\u5b57\u7b26\u4e32\u6bd4\u8f83\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u6784\u9020\u7279\u5b9a\u7684\u5b57\u7b26\u4e32\u5bf9\u8c61\u6765\u7834\u574fapi\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://github.com/numpy/numpy/pull/19539",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-101680",
  "openTime": "2021-12-23",
  "products": {
    "product": "NumPy NumPy \u003e=1.9.0\uff0c\u003c=1.9.3"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-34141",
  "serverity": "\u9ad8",
  "submitTime": "2021-12-21",
  "title": "NumPy\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2021-101680\uff09"
}

CVE-2021-34141

Vulnerability from fstec - Published: 12.05.2021

Title

Уязвимость функции _convert_from_str() компонента numpy.core модуля NumPy для Python, позволяющая нарушителю инициировать копирование данных

Description

Уязвимость функции _convert_from_str() компонента numpy.core модуля NumPy для Python связана с некорректным сравнением строк. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, инициировать копирование данных с помощью специально созданных объектов

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Vendor

ООО «Ред Софт», Сообщество свободного программного обеспечения, Oracle Corp.

Software Name

РЕД ОС (запись в едином реестре российских программ №3751), NumPy, Oracle Communications Cloud Native Core Policy

Software Version

7.3 (РЕД ОС), до 1.22.0 (NumPy), 22.1.3 (Oracle Communications Cloud Native Core Policy)

Possible Mitigations

Использование рекомендаций: Для NumPy: https://github.com/numpy/numpy/releases?page=2 https://github.com/numpy/numpy/issues/18993 Для программных продуктов Oracle Corp.: https://www.oracle.com/security-alerts/cpujul2022.html Для РедОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/

Reference

https://github.com/numpy/numpy/issues/18993 https://www.oracle.com/security-alerts/cpujul2022.html https://nvd.nist.gov/vuln/detail/cve-2021-34141 http://repo.red-soft.ru/redos/7.3c/x86_64/updates/

CWE

CWE-697

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Oracle Corp.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7.3 (\u0420\u0415\u0414 \u041e\u0421), \u0434\u043e 1.22.0 (NumPy), 22.1.3 (Oracle Communications Cloud Native Core Policy)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f NumPy:\nhttps://github.com/numpy/numpy/releases?page=2\nhttps://github.com/numpy/numpy/issues/18993\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Oracle Corp.:\nhttps://www.oracle.com/security-alerts/cpujul2022.html\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "12.05.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "30.01.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "14.11.2022",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-06724",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-34141",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "\u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), NumPy, Oracle Communications Cloud Native Core Policy",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 _convert_from_str() \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 numpy.core \u043c\u043e\u0434\u0443\u043b\u044f NumPy \u0434\u043b\u044f Python, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0435 \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u0435 (CWE-697)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 _convert_from_str() \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 numpy.core \u043c\u043e\u0434\u0443\u043b\u044f NumPy \u0434\u043b\u044f Python \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u044b\u043c \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u0435\u043c \u0441\u0442\u0440\u043e\u043a. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/numpy/numpy/issues/18993 \nhttps://www.oracle.com/security-alerts/cpujul2022.html\nhttps://nvd.nist.gov/vuln/detail/cve-2021-34141\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u041e \u0434\u043b\u044f \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0418\u0418, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-697",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,3)"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-34141 (GCVE-0-2021-34141)

Solutions

Solution

Solutions

Solutions

Tags

Sightings

Nomenclature