Vulnerability-Lookup

	Vendor	Product	Version
	containerd	containerd	Affected: < 1.4.13 Affected: >= 1.5.0, < 1.5.10 Affected: >= 1.6.0, < 1.6.1

FKIE_CVE-2022-23648

Vulnerability from fkie_nvd - Published: 2022-03-03 14:15 - Updated: 2024-11-21 06:49

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd’s CRI implementation on Linux with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information. Kubernetes and crictl can both be configured to use containerd’s CRI implementation. This bug has been fixed in containerd 1.6.1, 1.5.10, and 1.4.12. Users should update to these versions to resolve the issue.

References

URL	Tags
security-advisories@github.com	http://packetstormsecurity.com/files/166421/containerd-Image-Volume-Insecure-Handling.html	Exploit, Third Party Advisory, VDB Entry
security-advisories@github.com	https://github.com/containerd/containerd/commit/10f428dac7cec44c864e1b830a4623af27a9fc70	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/containerd/containerd/releases/tag/v1.4.13	Patch, Release Notes, Third Party Advisory
security-advisories@github.com	https://github.com/containerd/containerd/releases/tag/v1.5.10	Patch, Release Notes, Third Party Advisory
security-advisories@github.com	https://github.com/containerd/containerd/releases/tag/v1.6.1	Patch, Release Notes, Third Party Advisory
security-advisories@github.com	https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7	Third Party Advisory
security-advisories@github.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AUDQUQBZJGBWJPMRVB6QCCCRF7O3O4PA/
security-advisories@github.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFTS2EF3S7HNYSNZSEJZIJHPRU7OPUV3/
security-advisories@github.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCCARJ6FU4MWBTXHZNMS7NELPDBIX2VO/
security-advisories@github.com	https://security.gentoo.org/glsa/202401-31
security-advisories@github.com	https://www.debian.org/security/2022/dsa-5091	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/166421/containerd-Image-Volume-Insecure-Handling.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://github.com/containerd/containerd/commit/10f428dac7cec44c864e1b830a4623af27a9fc70	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/containerd/containerd/releases/tag/v1.4.13	Patch, Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/containerd/containerd/releases/tag/v1.5.10	Patch, Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/containerd/containerd/releases/tag/v1.6.1	Patch, Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AUDQUQBZJGBWJPMRVB6QCCCRF7O3O4PA/
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFTS2EF3S7HNYSNZSEJZIJHPRU7OPUV3/
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCCARJ6FU4MWBTXHZNMS7NELPDBIX2VO/
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/202401-31
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2022/dsa-5091	Mailing List, Third Party Advisory

Impacted products

Vendor	Product	Version
linuxfoundation	containerd	*
linuxfoundation	containerd	*
linuxfoundation	containerd	*
debian	debian_linux	11.0
fedoraproject	fedora	34
fedoraproject	fedora	35
fedoraproject	fedora	36

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2E44BA2-CF61-41F7-B332-C2C977368870",
              "versionEndExcluding": "1.4.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5783F746-15E8-403A-A79F-D58E4577185E",
              "versionEndExcluding": "1.5.10",
              "versionStartIncluding": "1.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7A0F3E7-387E-46F4-861A-8B65EBF6548A",
              "versionEndExcluding": "1.6.1",
              "versionStartIncluding": "1.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
              "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd\u2019s CRI implementation on Linux with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information. Kubernetes and crictl can both be configured to use containerd\u2019s CRI implementation. This bug has been fixed in containerd 1.6.1, 1.5.10, and 1.4.12. Users should update to these versions to resolve the issue."
    },
    {
      "lang": "es",
      "value": "containerd es un tiempo de ejecuci\u00f3n de contenedores disponible como demonio para Linux y Windows. Se ha encontrado un fallo en containerd versiones anteriores a 1.6.1, 1.5.10 y 1.14.12, en el que los contenedores lanzados mediante la implementaci\u00f3n CRI de containerd en Linux con una configuraci\u00f3n de imagen especialmente dise\u00f1ada pod\u00edan conseguir acceso a copias de s\u00f3lo lectura de archivos y directorios arbitrarios en el host. Esto puede omitir cualquier aplicaci\u00f3n basada en pol\u00edticas sobre la configuraci\u00f3n de contenedores (incluyendo una pol\u00edtica de seguridad de Kubernetes Pod) y exponer informaci\u00f3n potencialmente confidencial. Kubernetes y crictl pueden ser configurados para usar la implementaci\u00f3n de CRI de containerd. Este error ha sido corregido en containerd versiones 1.6.1, 1.5.10 y 1.4.12. Los usuarios deben actualizar a estas versiones para resolver el problema"
    }
  ],
  "id": "CVE-2022-23648",
  "lastModified": "2024-11-21T06:49:00.957",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-03-03T14:15:07.973",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/166421/containerd-Image-Volume-Insecure-Handling.html"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/containerd/containerd/commit/10f428dac7cec44c864e1b830a4623af27a9fc70"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/containerd/containerd/releases/tag/v1.4.13"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/containerd/containerd/releases/tag/v1.5.10"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/containerd/containerd/releases/tag/v1.6.1"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AUDQUQBZJGBWJPMRVB6QCCCRF7O3O4PA/"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFTS2EF3S7HNYSNZSEJZIJHPRU7OPUV3/"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCCARJ6FU4MWBTXHZNMS7NELPDBIX2VO/"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://security.gentoo.org/glsa/202401-31"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2022/dsa-5091"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/166421/containerd-Image-Volume-Insecure-Handling.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/containerd/containerd/commit/10f428dac7cec44c864e1b830a4623af27a9fc70"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/containerd/containerd/releases/tag/v1.4.13"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/containerd/containerd/releases/tag/v1.5.10"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/containerd/containerd/releases/tag/v1.6.1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AUDQUQBZJGBWJPMRVB6QCCCRF7O3O4PA/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFTS2EF3S7HNYSNZSEJZIJHPRU7OPUV3/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCCARJ6FU4MWBTXHZNMS7NELPDBIX2VO/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/202401-31"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2022/dsa-5091"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2025-AVI-0562

Vulnerability from certfr_avis - Published: 2025-07-04 - Updated: 2025-07-04

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	Db2	DB2 Data Management Console versions 3.1.x postérieures à 3.1.11 et antérieures à 3.1.13.1
IBM	Cognos Analytics	Cognos Analytics versions 11.2.x antérieures à 11.2.4 FP6
IBM	Sterling	Sterling Transformation Extender version 10.1.1.1 sans le correctif de sécurité APAR PH67014
IBM	Sterling	Sterling Transformation Extender version 11.0.0.0 sans le correctif de sécurité APAR PH67014
IBM	Sterling	Sterling Transformation Extender version 10.1.0.2 sans le correctif de sécurité APAR PH67014
IBM	Cognos Analytics	Cognos Analytics versions 12.0.x antérieures à 12.0.4 FP1
IBM	Sterling	Sterling Transformation Extender version 10.1.2.1 sans le correctif de sécurité APAR PH67014
IBM	Informix Dynamic Server	Informix Dynamic Server versions 14.10.x antérieures à 14.10.xC11W2
IBM	Sterling Connect:Direct	Sterling Connect:Direct File Agent versions 1.4.0.x antérieures à 1.4.0.4
IBM	Sterling	Sterling Transformation Extender versions 11.0.1.x antérieures à 11.0.1.1 sans le correctif de sécurité APAR PH67016
IBM	Db2	DB2 Data Management Console pour CPD versions antérieures à 5.1.2
IBM	Informix Dynamic Server	Informix Dynamic Server versions 12.10.x antérieures à 12.10.xC16W2

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7238455	2025-06-28	vendor-advisory
Bulletin de sécurité IBM 7238755	2025-07-02	vendor-advisory
Bulletin de sécurité IBM 7238833	2025-07-03	vendor-advisory
Bulletin de sécurité IBM 7238824	2025-07-03	vendor-advisory
Bulletin de sécurité IBM 7238831	2025-07-03	vendor-advisory
Bulletin de sécurité IBM 7238826	2025-07-03	vendor-advisory
Bulletin de sécurité IBM 7238830	2025-07-03	vendor-advisory
Bulletin de sécurité IBM 7238753	2025-07-02	vendor-advisory
Bulletin de sécurité IBM 7238163	2025-06-27	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "DB2 Data Management Console versions 3.1.x post\u00e9rieures \u00e0 3.1.11 et ant\u00e9rieures \u00e0 3.1.13.1",
      "product": {
        "name": "Db2",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 FP6",
      "product": {
        "name": "Cognos Analytics",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Transformation Extender version 10.1.1.1 sans le correctif de s\u00e9curit\u00e9 \n APAR PH67014",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Transformation Extender version 11.0.0.0 sans le correctif de s\u00e9curit\u00e9 \n APAR PH67014",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Transformation Extender version 10.1.0.2 sans le correctif de s\u00e9curit\u00e9 \n APAR PH67014",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Cognos Analytics versions 12.0.x ant\u00e9rieures \u00e0 12.0.4 FP1",
      "product": {
        "name": "Cognos Analytics",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Transformation Extender version 10.1.2.1 sans le correctif de s\u00e9curit\u00e9 \n APAR PH67014",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Informix Dynamic Server versions 14.10.x ant\u00e9rieures \u00e0 14.10.xC11W2",
      "product": {
        "name": "Informix Dynamic Server",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Connect:Direct File Agent versions 1.4.0.x ant\u00e9rieures \u00e0 1.4.0.4",
      "product": {
        "name": "Sterling Connect:Direct",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Transformation Extender versions 11.0.1.x ant\u00e9rieures \u00e0 11.0.1.1 sans le correctif de s\u00e9curit\u00e9 \n APAR PH67016",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "DB2 Data Management Console pour CPD versions ant\u00e9rieures \u00e0 5.1.2",
      "product": {
        "name": "Db2",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Informix Dynamic Server versions 12.10.x ant\u00e9rieures \u00e0 12.10.xC16W2",
      "product": {
        "name": "Informix Dynamic Server",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-21235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
    },
    {
      "name": "CVE-2025-4447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4447"
    },
    {
      "name": "CVE-2024-21144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
    },
    {
      "name": "CVE-2021-43816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43816"
    },
    {
      "name": "CVE-2024-21534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21534"
    },
    {
      "name": "CVE-2025-24970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
    },
    {
      "name": "CVE-2022-32149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32149"
    },
    {
      "name": "CVE-2024-10917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10917"
    },
    {
      "name": "CVE-2025-1302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1302"
    },
    {
      "name": "CVE-2025-27152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27152"
    },
    {
      "name": "CVE-2025-21587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
    },
    {
      "name": "CVE-2024-7254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
    },
    {
      "name": "CVE-2024-52900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52900"
    },
    {
      "name": "CVE-2024-47535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
    },
    {
      "name": "CVE-2025-30698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
    },
    {
      "name": "CVE-2024-27289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27289"
    },
    {
      "name": "CVE-2022-41721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41721"
    },
    {
      "name": "CVE-2025-25193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
    },
    {
      "name": "CVE-2024-21145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
    },
    {
      "name": "CVE-2024-4741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
    },
    {
      "name": "CVE-2025-2900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2900"
    },
    {
      "name": "CVE-2025-1991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1991"
    },
    {
      "name": "CVE-2022-23648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23648"
    },
    {
      "name": "CVE-2023-39325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
    },
    {
      "name": "CVE-2024-21131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
    },
    {
      "name": "CVE-2024-21210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
    },
    {
      "name": "CVE-2024-2511",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
    },
    {
      "name": "CVE-2022-21698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21698"
    },
    {
      "name": "CVE-2024-21217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
    },
    {
      "name": "CVE-2024-27267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27267"
    },
    {
      "name": "CVE-2022-27664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
    },
    {
      "name": "CVE-2024-21208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
    }
  ],
  "initial_release_date": "2025-07-04T00:00:00",
  "last_revision_date": "2025-07-04T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0562",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-07-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
    },
    {
      "description": "Injection SQL (SQLi)"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": "2025-06-28",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7238455",
      "url": "https://www.ibm.com/support/pages/node/7238455"
    },
    {
      "published_at": "2025-07-02",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7238755",
      "url": "https://www.ibm.com/support/pages/node/7238755"
    },
    {
      "published_at": "2025-07-03",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7238833",
      "url": "https://www.ibm.com/support/pages/node/7238833"
    },
    {
      "published_at": "2025-07-03",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7238824",
      "url": "https://www.ibm.com/support/pages/node/7238824"
    },
    {
      "published_at": "2025-07-03",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7238831",
      "url": "https://www.ibm.com/support/pages/node/7238831"
    },
    {
      "published_at": "2025-07-03",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7238826",
      "url": "https://www.ibm.com/support/pages/node/7238826"
    },
    {
      "published_at": "2025-07-03",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7238830",
      "url": "https://www.ibm.com/support/pages/node/7238830"
    },
    {
      "published_at": "2025-07-02",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7238753",
      "url": "https://www.ibm.com/support/pages/node/7238753"
    },
    {
      "published_at": "2025-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7238163",
      "url": "https://www.ibm.com/support/pages/node/7238163"
    }
  ]
}

CERTFR-2024-AVI-0199

Vulnerability from certfr_avis - Published: 2024-03-08 - Updated: 2024-03-08

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une exécution de code arbitraire à distance et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	WebSphere	WebSphere Service Registry and Repository versions 8.5.x antérieures à WSRR V8.5.6.3_IJ40949_IJ45702_IJ48644_IJ48939_IJ48940
IBM	WebSphere	WebSphere Service Registry and Repository Studio versions 8.5.x sans le dernier correctif de sécurité V8.5.6.3_IJ50069
IBM	Cloud Pak	Cloud Pak for Security versions 1.10.x.x antérieures à 1.10.19.0
IBM	QRadar Suite Software	QRadar Suite Software versions 1.10.x.x antérieures à 1.10.19.0
IBM	Sterling	Sterling External Authentication Server versions antérieures à 6.0.3 sans le correctif de sécurité iFix 10
IBM	Sterling	Sterling External Authentication Server versions antérieures à 6.1.0 sans le correctif de sécurité iFix 06

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7130806 du 07 mars 2024	None	vendor-advisory
Bulletin de sécurité IBM 7129989 du 06 mars 2024	None	vendor-advisory
Bulletin de sécurité IBM 7129833 du 04 mars 2024	None	vendor-advisory
Bulletin de sécurité IBM 7129327 du 01 mars 2024	None	vendor-advisory
Bulletin de sécurité IBM 7129821 du 04 mars 2024	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "WebSphere Service Registry and Repository versions 8.5.x ant\u00e9rieures \u00e0 WSRR V8.5.6.3_IJ40949_IJ45702_IJ48644_IJ48939_IJ48940",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "WebSphere Service Registry and Repository Studio versions 8.5.x sans le dernier correctif de s\u00e9curit\u00e9 V8.5.6.3_IJ50069",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Pak for Security versions 1.10.x.x ant\u00e9rieures \u00e0 1.10.19.0",
      "product": {
        "name": "Cloud Pak",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar Suite Software versions 1.10.x.x ant\u00e9rieures \u00e0 1.10.19.0",
      "product": {
        "name": "QRadar Suite Software",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling External Authentication Server versions ant\u00e9rieures \u00e0 6.0.3 sans le correctif de s\u00e9curit\u00e9 iFix 10",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling External Authentication Server versions ant\u00e9rieures \u00e0 6.1.0 sans le correctif de s\u00e9curit\u00e9 iFix 06",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-1099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1099"
    },
    {
      "name": "CVE-2023-45857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45857"
    },
    {
      "name": "CVE-2024-24762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24762"
    },
    {
      "name": "CVE-2021-43816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43816"
    },
    {
      "name": "CVE-2022-25883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
    },
    {
      "name": "CVE-2024-20921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
    },
    {
      "name": "CVE-2022-31030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31030"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2023-22081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
    },
    {
      "name": "CVE-2018-8088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8088"
    },
    {
      "name": "CVE-2023-22067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
    },
    {
      "name": "CVE-2020-15106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15106"
    },
    {
      "name": "CVE-2022-38749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
    },
    {
      "name": "CVE-2021-32760",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32760"
    },
    {
      "name": "CVE-2023-34478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34478"
    },
    {
      "name": "CVE-2023-36478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
    },
    {
      "name": "CVE-2023-25173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25173"
    },
    {
      "name": "CVE-2023-25153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
    },
    {
      "name": "CVE-2023-33850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
    },
    {
      "name": "CVE-2023-40167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40167"
    },
    {
      "name": "CVE-2023-41900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-41900"
    },
    {
      "name": "CVE-2023-22045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
    },
    {
      "name": "CVE-2023-22049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
    },
    {
      "name": "CVE-2023-36479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36479"
    },
    {
      "name": "CVE-2022-41854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
    },
    {
      "name": "CVE-2021-21334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21334"
    },
    {
      "name": "CVE-2023-5676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
    },
    {
      "name": "CVE-2022-25857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
    },
    {
      "name": "CVE-2022-38751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
    },
    {
      "name": "CVE-2022-38752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
    },
    {
      "name": "CVE-2024-20918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
    },
    {
      "name": "CVE-2022-38750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
    },
    {
      "name": "CVE-2022-23471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
    },
    {
      "name": "CVE-2024-23829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23829"
    },
    {
      "name": "CVE-2022-1471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
    },
    {
      "name": "CVE-2023-47248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47248"
    },
    {
      "name": "CVE-2018-16886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16886"
    },
    {
      "name": "CVE-2022-23648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23648"
    },
    {
      "name": "CVE-2023-42282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42282"
    },
    {
      "name": "CVE-2023-39325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
    },
    {
      "name": "CVE-2024-20945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
    },
    {
      "name": "CVE-2023-22602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22602"
    },
    {
      "name": "CVE-2021-41103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41103"
    },
    {
      "name": "CVE-2023-40743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40743"
    },
    {
      "name": "CVE-2024-20952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
    },
    {
      "name": "CVE-2017-16137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16137"
    },
    {
      "name": "CVE-2024-23334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23334"
    }
  ],
  "initial_release_date": "2024-03-08T00:00:00",
  "last_revision_date": "2024-03-08T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0199",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-03-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, une ex\u00e9cution de code arbitraire \u00e0 distance et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7130806 du 07 mars 2024",
      "url": "https://www.ibm.com/support/pages/node/7130806"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7129989 du 06 mars 2024",
      "url": "https://www.ibm.com/support/pages/node/7129989"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7129833 du 04 mars 2024",
      "url": "https://www.ibm.com/support/pages/node/7129833"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7129327 du 01 mars 2024",
      "url": "https://www.ibm.com/support/pages/node/7129327"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7129821 du 04 mars 2024",
      "url": "https://www.ibm.com/support/pages/node/7129821"
    }
  ]
}

CERTFR-2024-AVI-0350

Vulnerability from certfr_avis - Published: 2024-04-26 - Updated: 2024-04-26

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	Sterling Connect:Direct	Sterling Connect:Direct Web Services versions 6.0.x, migrer sur une version corrigée
IBM	Sterling Connect:Direct	Sterling Connect:Direct Web Services versions 6.1.x antérieures à 6.1.0.24
IBM	N/A	Db2 Warehouse on Cloud Pak for Data versions antérieures à 4.8.4
IBM	Sterling Connect:Direct	Sterling Connect:Direct Web Services versions 6.2.x antérieures à 6.2.0.23
IBM	WebSphere	WebSphere Service Registry and Repository version 8.5 sans les derniers correctifs de sécurité
IBM	WebSphere	WebSphere Remote Server versions 9.1, 9.0 et 8.5 sans les derniers correctifs de sécurité
IBM	Sterling Connect:Direct	Sterling Connect:Direct Web Services versions 6.3.x antérieures à 6.3.0.7
IBM	N/A	Db2 on Cloud Pak for Data versions antérieures à 4.8.4

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7148847 du 19 avril 2024	None	vendor-advisory
Bulletin de sécurité IBM 7149294 du 23 avril 2024	None	vendor-advisory
Bulletin de sécurité IBM 7149055 du 22 avril 2024	None	vendor-advisory
Bulletin de sécurité IBM 7149195 du 23 avril 2024	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Sterling Connect:Direct Web Services versions 6.0.x, migrer sur une version corrig\u00e9e",
      "product": {
        "name": "Sterling Connect:Direct",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Connect:Direct Web Services versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.24",
      "product": {
        "name": "Sterling Connect:Direct",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Db2 Warehouse on Cloud Pak for Data versions ant\u00e9rieures \u00e0 4.8.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Connect:Direct Web Services versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.23",
      "product": {
        "name": "Sterling Connect:Direct",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "WebSphere Service Registry and Repository version 8.5 sans les derniers correctifs de s\u00e9curit\u00e9",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "WebSphere Remote Server versions 9.1, 9.0 et 8.5 sans les derniers correctifs de s\u00e9curit\u00e9",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Connect:Direct Web Services versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.7",
      "product": {
        "name": "Sterling Connect:Direct",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Db2 on Cloud Pak for Data versions ant\u00e9rieures \u00e0 4.8.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2024-22201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
    },
    {
      "name": "CVE-2023-28841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28841"
    },
    {
      "name": "CVE-2023-28840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28840"
    },
    {
      "name": "CVE-2022-29162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29162"
    },
    {
      "name": "CVE-2023-45283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
    },
    {
      "name": "CVE-2021-43816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43816"
    },
    {
      "name": "CVE-2023-27561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27561"
    },
    {
      "name": "CVE-2017-11468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11468"
    },
    {
      "name": "CVE-2023-45285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
    },
    {
      "name": "CVE-2023-45284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
    },
    {
      "name": "CVE-2022-31030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31030"
    },
    {
      "name": "CVE-2023-2253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2253"
    },
    {
      "name": "CVE-2021-43784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43784"
    },
    {
      "name": "CVE-2023-28842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28842"
    },
    {
      "name": "CVE-2021-32760",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32760"
    },
    {
      "name": "CVE-2024-22329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22329"
    },
    {
      "name": "CVE-2023-25173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25173"
    },
    {
      "name": "CVE-2023-25809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25809"
    },
    {
      "name": "CVE-2023-51775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
    },
    {
      "name": "CVE-2023-25153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
    },
    {
      "name": "CVE-2023-28642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28642"
    },
    {
      "name": "CVE-2022-23471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
    },
    {
      "name": "CVE-2023-29827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29827"
    },
    {
      "name": "CVE-2022-42969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42969"
    },
    {
      "name": "CVE-2023-28155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28155"
    },
    {
      "name": "CVE-2023-26136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26136"
    },
    {
      "name": "CVE-2023-39326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
    },
    {
      "name": "CVE-2022-23648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23648"
    },
    {
      "name": "CVE-2024-22354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22354"
    },
    {
      "name": "CVE-2021-41103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41103"
    },
    {
      "name": "CVE-2023-26159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26159"
    }
  ],
  "initial_release_date": "2024-04-26T00:00:00",
  "last_revision_date": "2024-04-26T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0350",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-04-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7148847 du 19 avril 2024",
      "url": "https://www.ibm.com/support/pages/node/7148847"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7149294 du 23 avril 2024",
      "url": "https://www.ibm.com/support/pages/node/7149294"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7149055 du 22 avril 2024",
      "url": "https://www.ibm.com/support/pages/node/7149055"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7149195 du 23 avril 2024",
      "url": "https://www.ibm.com/support/pages/node/7149195"
    }
  ]
}

CERTFR-2026-AVI-0199

Vulnerability from certfr_avis - Published: 2026-02-24 - Updated: 2026-02-24

De multiples vulnérabilités ont été découvertes dans les produits VMware. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une injection de code indirecte à distance (XSS).

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	Telco Cloud Platform	Telco Cloud Platform versions 4.x et 5.x sans le correctif de sécurité KB428241
VMware	Tanzu Data Services	Tanzu Data Flow versions antérieures à 2.0.2 sur Tanzu Platform
VMware	Azure Spring Enterprise	Harbor Registry versions antérieures à 2.14.2
VMware	Tanzu Data Intelligence	Tanzu pour MySQL versions 2.0.0 sur Kubernetes
VMware	Cloud Foundation	Cloud Foundation versions 9.x antérieures à 9.0.2.0
VMware	Tanzu Kubernetes Runtime	App Metrics versions antérieures à2.3.3
VMware	Tanzu Data Intelligence	Tanzu GemFire versions antérieures à 2.6.1 sur Kubernetes
VMware	Tanzu Kubernetes Runtime	CredHub Secrets Management pour Tanzu Platform versions antérieures à 1.6.8
VMware	Tanzu Data Intelligence	Tanzu pour Valkey version 3.3.1 sur Kubernetes
VMware	Tanzu Operations Manager	Foundation Core pour Tanzu Platform versions antérieures à 3.2.4
VMware	Aria Operations	Aria Operations versions 8.x antérieures à 8.18.6
VMware	Tanzu Kubernetes Runtime	cf-mgmt pour Tanzu Platform versions antérieures à 1.0.108
VMware	Tanzu Data Intelligence	Tanzu pour Valkey version 9.0.1
VMware	Tanzu Kubernetes Runtime	Extended App Support pour Tanzu Platform versions antérieures à 1.0.15
VMware	Tanzu Data Intelligence	Tanzu GemFire Management versions antérieures à 1.4.3
VMware	Tanzu Kubernetes Runtime	NodeJS Buildpack versions antérieures à 1.8.77
VMware	Tanzu Kubernetes Runtime	Cloud Native Buildpacks pour Tanzu Platform versions antérieures à 0.6.5
VMware	Cloud Foundation	Cloud Foundation versions 4.x et 5.x sans le correctif de sécurité KB92148
VMware	Tanzu Kubernetes Runtime	AI Services pour Tanzu Platform versions antérieures à 10.3.4
VMware	Tanzu Kubernetes Runtime	Java Buildpack versions antérieures à 4.89.0
VMware	Telco Cloud Infrastructure	Telco Cloud Infrastructure versions 2.x et 3.x sans le correctif de sécurité KB428241
VMware	Tanzu Kubernetes Runtime	Elastic Application Runtime pour Tanzu Platform versions antérieures à 6.0.25+LTS-T, 10.2.8+LTS-T et 10.3.5

References

Title

Publication Time

Tags

Bulletin de sécurité VMware 37012	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37001	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37013	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37003	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37023	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37017	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37006	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37024	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 36997	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37004	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 36947	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37018	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37005	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37008	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37007	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37020	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 36998	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37002	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37021	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37022	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37016	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37019	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37010	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37009	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37000	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37011	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37015	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37014	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 36999	2026-02-24	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Telco Cloud Platform versions 4.x et 5.x sans le correctif de s\u00e9curit\u00e9 KB428241",
      "product": {
        "name": "Telco Cloud Platform",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Data Flow versions ant\u00e9rieures \u00e0 2.0.2 sur Tanzu Platform",
      "product": {
        "name": "Tanzu Data Services",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Harbor Registry versions ant\u00e9rieures \u00e0 2.14.2",
      "product": {
        "name": "Azure Spring Enterprise",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu pour MySQL versions 2.0.0 sur Kubernetes",
      "product": {
        "name": "Tanzu Data Intelligence",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Foundation versions 9.x ant\u00e9rieures \u00e0 9.0.2.0",
      "product": {
        "name": "Cloud Foundation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "App Metrics versions ant\u00e9rieures  \u00e02.3.3",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu GemFire versions ant\u00e9rieures \u00e0 2.6.1 sur Kubernetes",
      "product": {
        "name": "Tanzu Data Intelligence",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "CredHub Secrets Management pour Tanzu Platform versions ant\u00e9rieures \u00e0 1.6.8",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu pour Valkey version 3.3.1 sur Kubernetes",
      "product": {
        "name": "Tanzu Data Intelligence",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Foundation Core pour Tanzu Platform versions ant\u00e9rieures \u00e0 3.2.4",
      "product": {
        "name": "Tanzu Operations Manager",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Aria Operations versions 8.x ant\u00e9rieures \u00e0 8.18.6",
      "product": {
        "name": "Aria Operations",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "cf-mgmt pour Tanzu Platform versions ant\u00e9rieures \u00e0 1.0.108",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu pour Valkey version 9.0.1",
      "product": {
        "name": "Tanzu Data Intelligence",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Extended App Support pour Tanzu Platform versions ant\u00e9rieures \u00e0 1.0.15",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu GemFire Management versions ant\u00e9rieures \u00e0 1.4.3",
      "product": {
        "name": "Tanzu Data Intelligence",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.77",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Native Buildpacks pour Tanzu Platform versions ant\u00e9rieures \u00e0 0.6.5",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Foundation versions 4.x et 5.x sans le correctif de s\u00e9curit\u00e9 KB92148",
      "product": {
        "name": "Cloud Foundation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "AI Services pour Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.4",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Java Buildpack versions ant\u00e9rieures \u00e0 4.89.0",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Telco Cloud Infrastructure versions 2.x et 3.x sans le correctif de s\u00e9curit\u00e9 KB428241",
      "product": {
        "name": "Telco Cloud Infrastructure",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Elastic Application Runtime pour Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.25+LTS-T, 10.2.8+LTS-T et 10.3.5",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-6395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
    },
    {
      "name": "CVE-2022-1343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
    },
    {
      "name": "CVE-2024-24790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
    },
    {
      "name": "CVE-2025-47219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47219"
    },
    {
      "name": "CVE-2021-22898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
    },
    {
      "name": "CVE-2021-3996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
    },
    {
      "name": "CVE-2021-42384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42384"
    },
    {
      "name": "CVE-2023-0216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
    },
    {
      "name": "CVE-2025-31651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
    },
    {
      "name": "CVE-2024-20919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
    },
    {
      "name": "CVE-2022-35252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
    },
    {
      "name": "CVE-2022-1473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
    },
    {
      "name": "CVE-2023-21938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
    },
    {
      "name": "CVE-2025-61730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61730"
    },
    {
      "name": "CVE-2022-32189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
    },
    {
      "name": "CVE-2017-16544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16544"
    },
    {
      "name": "CVE-2025-39987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39987"
    },
    {
      "name": "CVE-2021-42378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42378"
    },
    {
      "name": "CVE-2023-0401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
    },
    {
      "name": "CVE-2025-21861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
    },
    {
      "name": "CVE-2026-21933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
    },
    {
      "name": "CVE-2025-58183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
    },
    {
      "name": "CVE-2023-21843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
    },
    {
      "name": "CVE-2026-21932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
    },
    {
      "name": "CVE-2022-24450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24450"
    },
    {
      "name": "CVE-2025-66199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66199"
    },
    {
      "name": "CVE-2025-15282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15282"
    },
    {
      "name": "CVE-2024-21235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
    },
    {
      "name": "CVE-2024-9681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
    },
    {
      "name": "CVE-2021-37600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
    },
    {
      "name": "CVE-2021-42382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42382"
    },
    {
      "name": "CVE-2020-10750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10750"
    },
    {
      "name": "CVE-2025-68973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
    },
    {
      "name": "CVE-2022-30631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
    },
    {
      "name": "CVE-2023-46218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
    },
    {
      "name": "CVE-2025-40055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40055"
    },
    {
      "name": "CVE-2021-42376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42376"
    },
    {
      "name": "CVE-2025-9714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
    },
    {
      "name": "CVE-2026-22801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22801"
    },
    {
      "name": "CVE-2025-39876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39876"
    },
    {
      "name": "CVE-2025-40029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40029"
    },
    {
      "name": "CVE-2025-38561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38561"
    },
    {
      "name": "CVE-2025-10148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
    },
    {
      "name": "CVE-2023-28841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28841"
    },
    {
      "name": "CVE-2023-28840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28840"
    },
    {
      "name": "CVE-2025-40048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40048"
    },
    {
      "name": "CVE-2022-27191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27191"
    },
    {
      "name": "CVE-2025-40219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40219"
    },
    {
      "name": "CVE-2024-21144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
    },
    {
      "name": "CVE-2025-40043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40043"
    },
    {
      "name": "CVE-2020-8169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8169"
    },
    {
      "name": "CVE-2021-41091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41091"
    },
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2021-22925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
    },
    {
      "name": "CVE-2025-8556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
    },
    {
      "name": "CVE-2026-21936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21936"
    },
    {
      "name": "CVE-2025-59775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59775"
    },
    {
      "name": "CVE-2026-21937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21937"
    },
    {
      "name": "CVE-2025-39973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39973"
    },
    {
      "name": "CVE-2025-22872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
    },
    {
      "name": "CVE-2025-8941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
    },
    {
      "name": "CVE-2025-66614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66614"
    },
    {
      "name": "CVE-2018-1000517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000517"
    },
    {
      "name": "CVE-2025-15469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15469"
    },
    {
      "name": "CVE-2025-39943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39943"
    },
    {
      "name": "CVE-2025-39945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39945"
    },
    {
      "name": "CVE-2025-39883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39883"
    },
    {
      "name": "CVE-2023-29404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
    },
    {
      "name": "CVE-2023-21954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
    },
    {
      "name": "CVE-2022-4304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
    },
    {
      "name": "CVE-2023-21939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
    },
    {
      "name": "CVE-2022-0563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
    },
    {
      "name": "CVE-2024-20926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
    },
    {
      "name": "CVE-2025-0913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
    },
    {
      "name": "CVE-2025-40019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40019"
    },
    {
      "name": "CVE-2025-40240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40240"
    },
    {
      "name": "CVE-2022-24921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
    },
    {
      "name": "CVE-2022-32208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
    },
    {
      "name": "CVE-2022-28327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
    },
    {
      "name": "CVE-2025-40081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40081"
    },
    {
      "name": "CVE-2025-47907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
    },
    {
      "name": "CVE-2024-58011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
    },
    {
      "name": "CVE-2025-12084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
    },
    {
      "name": "CVE-2025-40026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
    },
    {
      "name": "CVE-2025-40153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40153"
    },
    {
      "name": "CVE-2022-1292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
    },
    {
      "name": "CVE-2023-45283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
    },
    {
      "name": "CVE-2025-40121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40121"
    },
    {
      "name": "CVE-2026-1642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1642"
    },
    {
      "name": "CVE-2025-45582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
    },
    {
      "name": "CVE-2024-21068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
    },
    {
      "name": "CVE-2025-55753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55753"
    },
    {
      "name": "CVE-2025-11468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11468"
    },
    {
      "name": "CVE-2025-40204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40204"
    },
    {
      "name": "CVE-2025-40171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40171"
    },
    {
      "name": "CVE-2021-43816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43816"
    },
    {
      "name": "CVE-2023-45288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
    },
    {
      "name": "CVE-2025-6069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
    },
    {
      "name": "CVE-2023-3817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
    },
    {
      "name": "CVE-2025-39911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39911"
    },
    {
      "name": "CVE-2025-69419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69419"
    },
    {
      "name": "CVE-2025-6052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
    },
    {
      "name": "CVE-2022-41725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
    },
    {
      "name": "CVE-2025-10543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-10543"
    },
    {
      "name": "CVE-2025-40125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40125"
    },
    {
      "name": "CVE-2025-40349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40349"
    },
    {
      "name": "CVE-2025-6075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
    },
    {
      "name": "CVE-2019-5481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5481"
    },
    {
      "name": "CVE-2025-26646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26646"
    },
    {
      "name": "CVE-2022-30635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
    },
    {
      "name": "CVE-2022-29222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29222"
    },
    {
      "name": "CVE-2025-40187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40187"
    },
    {
      "name": "CVE-2025-58185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
    },
    {
      "name": "CVE-2022-41715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
    },
    {
      "name": "CVE-2024-21012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21012"
    },
    {
      "name": "CVE-2025-39913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39913"
    },
    {
      "name": "CVE-2022-32207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
    },
    {
      "name": "CVE-2025-40092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40092"
    },
    {
      "name": "CVE-2022-41722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
    },
    {
      "name": "CVE-2025-61731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61731"
    },
    {
      "name": "CVE-2023-0215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
    },
    {
      "name": "CVE-2025-39967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39967"
    },
    {
      "name": "CVE-2025-40115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40115"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2021-42386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42386"
    },
    {
      "name": "CVE-2024-47561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47561"
    },
    {
      "name": "CVE-2023-45285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
    },
    {
      "name": "CVE-2025-13837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13837"
    },
    {
      "name": "CVE-2025-55752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
    },
    {
      "name": "CVE-2024-24783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
    },
    {
      "name": "CVE-2023-45284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
    },
    {
      "name": "CVE-2025-39949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39949"
    },
    {
      "name": "CVE-2023-29403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2022-29190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29190"
    },
    {
      "name": "CVE-2025-40173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40173"
    },
    {
      "name": "CVE-2024-24791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
    },
    {
      "name": "CVE-2024-20921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
    },
    {
      "name": "CVE-2022-42916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
    },
    {
      "name": "CVE-2022-28948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28948"
    },
    {
      "name": "CVE-2025-58767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
    },
    {
      "name": "CVE-2024-56538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56538"
    },
    {
      "name": "CVE-2025-39923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39923"
    },
    {
      "name": "CVE-2023-4807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
    },
    {
      "name": "CVE-2025-15367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15367"
    },
    {
      "name": "CVE-2022-31030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31030"
    },
    {
      "name": "CVE-2024-45341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
    },
    {
      "name": "CVE-2018-20679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20679"
    },
    {
      "name": "CVE-2024-13176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
    },
    {
      "name": "CVE-2025-39953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39953"
    },
    {
      "name": "CVE-2025-15467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
    },
    {
      "name": "CVE-2023-2253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2253"
    },
    {
      "name": "CVE-2024-58251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58251"
    },
    {
      "name": "CVE-2026-2006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2006"
    },
    {
      "name": "CVE-2022-21624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
    },
    {
      "name": "CVE-2023-28322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
    },
    {
      "name": "CVE-2023-34462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
    },
    {
      "name": "CVE-2025-40167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40167"
    },
    {
      "name": "CVE-2023-29405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
    },
    {
      "name": "CVE-2021-38297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
    },
    {
      "name": "CVE-2025-39969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39969"
    },
    {
      "name": "CVE-2025-4598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
    },
    {
      "name": "CVE-2025-27144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
    },
    {
      "name": "CVE-2017-15873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15873"
    },
    {
      "name": "CVE-2022-30629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
    },
    {
      "name": "CVE-2025-40194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40194"
    },
    {
      "name": "CVE-2025-40245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40245"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2023-5363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
    },
    {
      "name": "CVE-2024-24557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24557"
    },
    {
      "name": "CVE-2023-45289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
    },
    {
      "name": "CVE-2022-2068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
    },
    {
      "name": "CVE-2023-25193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
    },
    {
      "name": "CVE-2025-40001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40001"
    },
    {
      "name": "CVE-2026-1485",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1485"
    },
    {
      "name": "CVE-2024-29025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
    },
    {
      "name": "CVE-2023-0466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2022-32149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32149"
    },
    {
      "name": "CVE-2025-40035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40035"
    },
    {
      "name": "CVE-2023-0465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
    },
    {
      "name": "CVE-2025-39988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39988"
    },
    {
      "name": "CVE-2026-22719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22719"
    },
    {
      "name": "CVE-2022-32148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
    },
    {
      "name": "CVE-2026-2005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2005"
    },
    {
      "name": "CVE-2020-8177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8177"
    },
    {
      "name": "CVE-2023-22081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
    },
    {
      "name": "CVE-2022-39399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-39399"
    },
    {
      "name": "CVE-2022-4203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
    },
    {
      "name": "CVE-2025-38584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38584"
    },
    {
      "name": "CVE-2021-42374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42374"
    },
    {
      "name": "CVE-2025-50106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
    },
    {
      "name": "CVE-2025-40233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40233"
    },
    {
      "name": "CVE-2025-40020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40020"
    },
    {
      "name": "CVE-2023-3635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3635"
    },
    {
      "name": "CVE-2025-40188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40188"
    },
    {
      "name": "CVE-2020-1971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
    },
    {
      "name": "CVE-2023-22041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22041"
    },
    {
      "name": "CVE-2022-21626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
    },
    {
      "name": "CVE-2025-66200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66200"
    },
    {
      "name": "CVE-2025-58057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
    },
    {
      "name": "CVE-2021-41771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
    },
    {
      "name": "CVE-2025-8291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
    },
    {
      "name": "CVE-2023-45290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
    },
    {
      "name": "CVE-2023-28320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
    },
    {
      "name": "CVE-2026-22795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22795"
    },
    {
      "name": "CVE-2023-34231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34231"
    },
    {
      "name": "CVE-2026-0988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0988"
    },
    {
      "name": "CVE-2025-61727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
    },
    {
      "name": "CVE-2025-22866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
    },
    {
      "name": "CVE-2026-21925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
    },
    {
      "name": "CVE-2024-26308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
    },
    {
      "name": "CVE-2024-34158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
    },
    {
      "name": "CVE-2025-30754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
    },
    {
      "name": "CVE-2025-65637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-65637"
    },
    {
      "name": "CVE-2022-30630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
    },
    {
      "name": "CVE-2026-0861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0861"
    },
    {
      "name": "CVE-2023-47090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47090"
    },
    {
      "name": "CVE-2025-40049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40049"
    },
    {
      "name": "CVE-2025-47910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
    },
    {
      "name": "CVE-2021-4160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
    },
    {
      "name": "CVE-2025-40070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40070"
    },
    {
      "name": "CVE-2022-29946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29946"
    },
    {
      "name": "CVE-2025-40106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40106"
    },
    {
      "name": "CVE-2023-0217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
    },
    {
      "name": "CVE-2022-43552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
    },
    {
      "name": "CVE-2024-51744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
    },
    {
      "name": "CVE-2022-3786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
    },
    {
      "name": "CVE-2021-3995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2025-40205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40205"
    },
    {
      "name": "CVE-2023-48795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
    },
    {
      "name": "CVE-2025-6965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
    },
    {
      "name": "CVE-2023-28319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
    },
    {
      "name": "CVE-2025-10966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-10966"
    },
    {
      "name": "CVE-2021-22922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
    },
    {
      "name": "CVE-2025-47906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2021-38561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38561"
    },
    {
      "name": "CVE-2025-59375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
    },
    {
      "name": "CVE-2021-39293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
    },
    {
      "name": "CVE-2025-31133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31133"
    },
    {
      "name": "CVE-2025-8194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
    },
    {
      "name": "CVE-2024-29018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29018"
    },
    {
      "name": "CVE-2022-1705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
    },
    {
      "name": "CVE-2024-11053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
    },
    {
      "name": "CVE-2024-7264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
    },
    {
      "name": "CVE-2025-40027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
    },
    {
      "name": "CVE-2025-39885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39885"
    },
    {
      "name": "CVE-2022-3510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
    },
    {
      "name": "CVE-2022-3509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2025-69421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69421"
    },
    {
      "name": "CVE-2020-8284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8284"
    },
    {
      "name": "CVE-2023-23915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
    },
    {
      "name": "CVE-2025-4517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
    },
    {
      "name": "CVE-2025-58188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
    },
    {
      "name": "CVE-2025-30215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30215"
    },
    {
      "name": "CVE-2016-9843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9843"
    },
    {
      "name": "CVE-2023-39318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
    },
    {
      "name": "CVE-2024-40635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40635"
    },
    {
      "name": "CVE-2022-41720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
    },
    {
      "name": "CVE-2026-21948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21948"
    },
    {
      "name": "CVE-2025-4674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
    },
    {
      "name": "CVE-2022-41716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
    },
    {
      "name": "CVE-2025-39970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39970"
    },
    {
      "name": "CVE-2021-3711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
    },
    {
      "name": "CVE-2025-39994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39994"
    },
    {
      "name": "CVE-2025-52999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
    },
    {
      "name": "CVE-2024-56433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
    },
    {
      "name": "CVE-2023-0464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
    },
    {
      "name": "CVE-2022-29526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
    },
    {
      "name": "CVE-2025-40088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40088"
    },
    {
      "name": "CVE-2025-40220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40220"
    },
    {
      "name": "CVE-2021-3449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3449"
    },
    {
      "name": "CVE-2022-30633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
    },
    {
      "name": "CVE-2023-22036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22036"
    },
    {
      "name": "CVE-2025-13151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13151"
    },
    {
      "name": "CVE-2025-22058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22058"
    },
    {
      "name": "CVE-2024-21634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21634"
    },
    {
      "name": "CVE-2022-28391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28391"
    },
    {
      "name": "CVE-2022-38749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
    },
    {
      "name": "CVE-2025-40109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40109"
    },
    {
      "name": "CVE-2025-40006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40006"
    },
    {
      "name": "CVE-2022-21628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
    },
    {
      "name": "CVE-2024-21011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
    },
    {
      "name": "CVE-2025-6020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
    },
    {
      "name": "CVE-2025-68161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68161"
    },
    {
      "name": "CVE-2024-45336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
    },
    {
      "name": "CVE-2025-52881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
    },
    {
      "name": "CVE-2023-28842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28842"
    },
    {
      "name": "CVE-2025-7425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
    },
    {
      "name": "CVE-2023-3978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
    },
    {
      "name": "CVE-2022-26652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26652"
    },
    {
      "name": "CVE-2025-40011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40011"
    },
    {
      "name": "CVE-2024-5535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
    },
    {
      "name": "CVE-2025-40085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40085"
    },
    {
      "name": "CVE-2023-42365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42365"
    },
    {
      "name": "CVE-2025-40231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40231"
    },
    {
      "name": "CVE-2025-22868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
    },
    {
      "name": "CVE-2022-27775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
    },
    {
      "name": "CVE-2026-22796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22796"
    },
    {
      "name": "CVE-2021-42379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42379"
    },
    {
      "name": "CVE-2025-61724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
    },
    {
      "name": "CVE-2024-5642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
    },
    {
      "name": "CVE-2023-23914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
    },
    {
      "name": "CVE-2025-23143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23143"
    },
    {
      "name": "CVE-2022-30632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
    },
    {
      "name": "CVE-2025-65082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-65082"
    },
    {
      "name": "CVE-2024-47554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
    },
    {
      "name": "CVE-2022-27774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
    },
    {
      "name": "CVE-2023-25173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25173"
    },
    {
      "name": "CVE-2025-61732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61732"
    },
    {
      "name": "CVE-2025-61723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
    },
    {
      "name": "CVE-2025-9232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
    },
    {
      "name": "CVE-2023-29406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
    },
    {
      "name": "CVE-2023-39319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
    },
    {
      "name": "CVE-2026-21964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21964"
    },
    {
      "name": "CVE-2025-21587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
    },
    {
      "name": "CVE-2024-24785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
    },
    {
      "name": "CVE-2025-46394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46394"
    },
    {
      "name": "CVE-2022-36109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36109"
    },
    {
      "name": "CVE-2025-68146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68146"
    },
    {
      "name": "CVE-2025-40183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40183"
    },
    {
      "name": "CVE-2021-42381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42381"
    },
    {
      "name": "CVE-2026-21441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
    },
    {
      "name": "CVE-2022-1962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
    },
    {
      "name": "CVE-2024-45337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
    },
    {
      "name": "CVE-2024-21147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
    },
    {
      "name": "CVE-2022-41717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
    },
    {
      "name": "CVE-2025-39998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39998"
    },
    {
      "name": "CVE-2025-13836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13836"
    },
    {
      "name": "CVE-2023-39410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39410"
    },
    {
      "name": "CVE-2025-43857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
    },
    {
      "name": "CVE-2023-28321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
    },
    {
      "name": "CVE-2024-25710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
    },
    {
      "name": "CVE-2025-40134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40134"
    },
    {
      "name": "CVE-2017-15874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15874"
    },
    {
      "name": "CVE-2024-7254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
    },
    {
      "name": "CVE-2025-61725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
    },
    {
      "name": "CVE-2026-25210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25210"
    },
    {
      "name": "CVE-2025-39968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39968"
    },
    {
      "name": "CVE-2023-24536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
    },
    {
      "name": "CVE-2022-42915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
    },
    {
      "name": "CVE-2022-32221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
    },
    {
      "name": "CVE-2022-29458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
    },
    {
      "name": "CVE-2025-55163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
    },
    {
      "name": "CVE-2025-39986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39986"
    },
    {
      "name": "CVE-2025-39955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39955"
    },
    {
      "name": "CVE-2025-66293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66293"
    },
    {
      "name": "CVE-2022-24769",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24769"
    },
    {
      "name": "CVE-2022-28131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
    },
    {
      "name": "CVE-2025-12818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12818"
    },
    {
      "name": "CVE-2025-58098",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58098"
    },
    {
      "name": "CVE-2025-32990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
    },
    {
      "name": "CVE-2021-22897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22897"
    },
    {
      "name": "CVE-2025-40078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40078"
    },
    {
      "name": "CVE-2025-15366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15366"
    },
    {
      "name": "CVE-2022-24675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
    },
    {
      "name": "CVE-2024-21140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
    },
    {
      "name": "CVE-2025-40116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40116"
    },
    {
      "name": "CVE-2025-68249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68249"
    },
    {
      "name": "CVE-2026-0990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0990"
    },
    {
      "name": "CVE-2025-39934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39934"
    },
    {
      "name": "CVE-2026-0865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0865"
    },
    {
      "name": "CVE-2024-21094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
    },
    {
      "name": "CVE-2024-9143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
    },
    {
      "name": "CVE-2022-23806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
    },
    {
      "name": "CVE-2025-40179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40179"
    },
    {
      "name": "CVE-2025-40127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40127"
    },
    {
      "name": "CVE-2025-32989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
    },
    {
      "name": "CVE-2025-39996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39996"
    },
    {
      "name": "CVE-2025-22874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
    },
    {
      "name": "CVE-2026-22721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22721"
    },
    {
      "name": "CVE-2025-40053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40053"
    },
    {
      "name": "CVE-2026-24515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24515"
    },
    {
      "name": "CVE-2025-39951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39951"
    },
    {
      "name": "CVE-2022-1271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
    },
    {
      "name": "CVE-2025-40120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40120"
    },
    {
      "name": "CVE-2024-28085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
    },
    {
      "name": "CVE-2024-41110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41110"
    },
    {
      "name": "CVE-2025-50059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
    },
    {
      "name": "CVE-2022-48174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48174"
    },
    {
      "name": "CVE-2025-61594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61594"
    },
    {
      "name": "CVE-2023-21835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21835"
    },
    {
      "name": "CVE-2024-34156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
    },
    {
      "name": "CVE-2022-2880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
    },
    {
      "name": "CVE-2025-5025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
    },
    {
      "name": "CVE-2023-21937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
    },
    {
      "name": "CVE-2025-40243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40243"
    },
    {
      "name": "CVE-2022-23773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
    },
    {
      "name": "CVE-2021-41089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41089"
    },
    {
      "name": "CVE-2023-24539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
    },
    {
      "name": "CVE-2025-14104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14104"
    },
    {
      "name": "CVE-2023-6237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
    },
    {
      "name": "CVE-2026-21968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21968"
    },
    {
      "name": "CVE-2021-46848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
    },
    {
      "name": "CVE-2025-30761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
    },
    {
      "name": "CVE-2025-47912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
    },
    {
      "name": "CVE-2023-25153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
    },
    {
      "name": "CVE-2024-47535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
    },
    {
      "name": "CVE-2022-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
    },
    {
      "name": "CVE-2023-2650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
    },
    {
      "name": "CVE-2025-68160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68160"
    },
    {
      "name": "CVE-2023-42364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42364"
    },
    {
      "name": "CVE-2025-54410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
    },
    {
      "name": "CVE-2022-3996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
    },
    {
      "name": "CVE-2022-2879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
    },
    {
      "name": "CVE-2025-40118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40118"
    },
    {
      "name": "CVE-2022-32205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
    },
    {
      "name": "CVE-2023-27534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
    },
    {
      "name": "CVE-2024-2398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
    },
    {
      "name": "CVE-2023-24532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
    },
    {
      "name": "CVE-2025-52565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
    },
    {
      "name": "CVE-2025-40021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40021"
    },
    {
      "name": "CVE-2025-67735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67735"
    },
    {
      "name": "CVE-2022-23772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
    },
    {
      "name": "CVE-2025-61728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
    },
    {
      "name": "CVE-2022-43551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
    },
    {
      "name": "CVE-2022-42004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
    },
    {
      "name": "CVE-2019-5747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5747"
    },
    {
      "name": "CVE-2025-58186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
    },
    {
      "name": "CVE-2025-30698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
    },
    {
      "name": "CVE-2025-40044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40044"
    },
    {
      "name": "CVE-2023-27533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
    },
    {
      "name": "CVE-2025-40105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40105"
    },
    {
      "name": "CVE-2018-1000500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000500"
    },
    {
      "name": "CVE-2025-9086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
    },
    {
      "name": "CVE-2026-26014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26014"
    },
    {
      "name": "CVE-2021-41772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
    },
    {
      "name": "CVE-2025-40112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40112"
    },
    {
      "name": "CVE-2024-27289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27289"
    },
    {
      "name": "CVE-2024-0727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
    },
    {
      "name": "CVE-2025-58187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
    },
    {
      "name": "CVE-2023-6129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
    },
    {
      "name": "CVE-2025-39971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39971"
    },
    {
      "name": "CVE-2025-40154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40154"
    },
    {
      "name": "CVE-2025-13601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13601"
    },
    {
      "name": "CVE-2025-12817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12817"
    },
    {
      "name": "CVE-2025-4673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
    },
    {
      "name": "CVE-2026-23949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23949"
    },
    {
      "name": "CVE-2021-42385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42385"
    },
    {
      "name": "CVE-2023-22045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
    },
    {
      "name": "CVE-2023-29400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
    },
    {
      "name": "CVE-2025-58056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
    },
    {
      "name": "CVE-2025-22871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
    },
    {
      "name": "CVE-2024-21138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
    },
    {
      "name": "CVE-2025-32988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
    },
    {
      "name": "CVE-2023-22049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
    },
    {
      "name": "CVE-2024-24787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
    },
    {
      "name": "CVE-2026-0915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0915"
    },
    {
      "name": "CVE-2025-15281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15281"
    },
    {
      "name": "CVE-2022-0778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
    },
    {
      "name": "CVE-2022-41854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
    },
    {
      "name": "CVE-2022-41724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
    },
    {
      "name": "CVE-2020-8908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
    },
    {
      "name": "CVE-2024-6119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
    },
    {
      "name": "CVE-2022-30634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
    },
    {
      "name": "CVE-2025-40126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40126"
    },
    {
      "name": "CVE-2025-39972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39972"
    },
    {
      "name": "CVE-2025-24294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
    },
    {
      "name": "CVE-2025-58181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58181"
    },
    {
      "name": "CVE-2021-42836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42836"
    },
    {
      "name": "CVE-2021-44716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
    },
    {
      "name": "CVE-2025-47914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47914"
    },
    {
      "name": "CVE-2023-1255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
    },
    {
      "name": "CVE-2025-69418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69418"
    },
    {
      "name": "CVE-2025-58058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58058"
    },
    {
      "name": "CVE-2025-22869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
    },
    {
      "name": "CVE-2025-40200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40200"
    },
    {
      "name": "CVE-2022-3358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
    },
    {
      "name": "CVE-2025-38236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38236"
    },
    {
      "name": "CVE-2025-15468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15468"
    },
    {
      "name": "CVE-2025-40124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40124"
    },
    {
      "name": "CVE-2025-39880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39880"
    },
    {
      "name": "CVE-2025-58189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
    },
    {
      "name": "CVE-2025-6021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
    },
    {
      "name": "CVE-2025-40094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40094"
    },
    {
      "name": "CVE-2022-2097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
    },
    {
      "name": "CVE-2023-24540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
    },
    {
      "name": "CVE-2024-4603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
    },
    {
      "name": "CVE-2022-25857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
    },
    {
      "name": "CVE-2022-38751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
    },
    {
      "name": "CVE-2025-25193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
    },
    {
      "name": "CVE-2024-8096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
    },
    {
      "name": "CVE-2026-21945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
    },
    {
      "name": "CVE-2024-21145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
    },
    {
      "name": "CVE-2022-32206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
    },
    {
      "name": "CVE-2026-21941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21941"
    },
    {
      "name": "CVE-2025-22870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
    },
    {
      "name": "CVE-2025-40215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40215"
    },
    {
      "name": "CVE-2025-40111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40111"
    },
    {
      "name": "CVE-2021-3712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
    },
    {
      "name": "CVE-2023-21968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
    },
    {
      "name": "CVE-2025-40068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40068"
    },
    {
      "name": "CVE-2025-40042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40042"
    },
    {
      "name": "CVE-2025-32415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
    },
    {
      "name": "CVE-2023-24537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
    },
    {
      "name": "CVE-2025-5889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
    },
    {
      "name": "CVE-2025-30749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
    },
    {
      "name": "CVE-2026-22695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22695"
    },
    {
      "name": "CVE-2026-23490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23490"
    },
    {
      "name": "CVE-2026-24733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24733"
    },
    {
      "name": "CVE-2026-0992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0992"
    },
    {
      "name": "CVE-2025-9230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
    },
    {
      "name": "CVE-2026-21947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21947"
    },
    {
      "name": "CVE-2025-66564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66564"
    },
    {
      "name": "CVE-2023-45287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
    },
    {
      "name": "CVE-2024-4741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
    },
    {
      "name": "CVE-2019-5482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5482"
    },
    {
      "name": "CVE-2025-48924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
    },
    {
      "name": "CVE-2023-21930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
    },
    {
      "name": "CVE-2022-38752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
    },
    {
      "name": "CVE-2021-22926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
    },
    {
      "name": "CVE-2025-8916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
    },
    {
      "name": "CVE-2025-32414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
    },
    {
      "name": "CVE-2025-39937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39937"
    },
    {
      "name": "CVE-2025-11187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11187"
    },
    {
      "name": "CVE-2024-20918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
    },
    {
      "name": "CVE-2025-40060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40060"
    },
    {
      "name": "CVE-2026-2003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2003"
    },
    {
      "name": "CVE-2019-5443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5443"
    },
    {
      "name": "CVE-2022-38750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
    },
    {
      "name": "CVE-2022-30580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
    },
    {
      "name": "CVE-2022-23471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
    },
    {
      "name": "CVE-2020-1967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1967"
    },
    {
      "name": "CVE-2025-68121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
    },
    {
      "name": "CVE-2025-60876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-60876"
    },
    {
      "name": "CVE-2023-24531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
    },
    {
      "name": "CVE-2021-23840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
    },
    {
      "name": "CVE-2023-24538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
    },
    {
      "name": "CVE-2023-2975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
    },
    {
      "name": "CVE-2022-42003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
    },
    {
      "name": "CVE-2021-44717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
    },
    {
      "name": "CVE-2025-11065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11065"
    },
    {
      "name": "CVE-2022-3602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
    },
    {
      "name": "CVE-2026-1484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1484"
    },
    {
      "name": "CVE-2025-4947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
    },
    {
      "name": "CVE-2025-40178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40178"
    },
    {
      "name": "CVE-2022-29804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
    },
    {
      "name": "CVE-2025-39869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39869"
    },
    {
      "name": "CVE-2025-0725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
    },
    {
      "name": "CVE-2023-2976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
    },
    {
      "name": "CVE-2025-39985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39985"
    },
    {
      "name": "CVE-2025-61726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
    },
    {
      "name": "CVE-2022-1434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
    },
    {
      "name": "CVE-2021-22923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
    },
    {
      "name": "CVE-2022-41723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
    },
    {
      "name": "CVE-2025-59464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59464"
    },
    {
      "name": "CVE-2023-22006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22006"
    },
    {
      "name": "CVE-2019-5435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5435"
    },
    {
      "name": "CVE-2022-1471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
    },
    {
      "name": "CVE-2025-8058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
    },
    {
      "name": "CVE-2026-1489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1489"
    },
    {
      "name": "CVE-2023-39323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
    },
    {
      "name": "CVE-2023-29402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
    },
    {
      "name": "CVE-2026-2004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2004"
    },
    {
      "name": "CVE-2026-0672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0672"
    },
    {
      "name": "CVE-2025-8732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
    },
    {
      "name": "CVE-2023-39326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
    },
    {
      "name": "CVE-2024-21085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
    },
    {
      "name": "CVE-2021-43565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43565"
    },
    {
      "name": "CVE-2025-21502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
    },
    {
      "name": "CVE-2023-29409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
    },
    {
      "name": "CVE-2022-23648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23648"
    },
    {
      "name": "CVE-2021-23841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
    },
    {
      "name": "CVE-2025-30204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
    },
    {
      "name": "CVE-2023-39325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
    },
    {
      "name": "CVE-2025-5914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
    },
    {
      "name": "CVE-2026-22720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22720"
    },
    {
      "name": "CVE-2024-20945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
    },
    {
      "name": "CVE-2023-42363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42363"
    },
    {
      "name": "CVE-2023-24534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
    },
    {
      "name": "CVE-2024-21131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
    },
    {
      "name": "CVE-2025-39980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39980"
    },
    {
      "name": "CVE-2024-21210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
    },
    {
      "name": "CVE-2023-3446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
    },
    {
      "name": "CVE-2024-2511",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
    },
    {
      "name": "CVE-2025-53057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
    },
    {
      "name": "CVE-2024-24786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
    },
    {
      "name": "CVE-2022-3171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
    },
    {
      "name": "CVE-2019-1551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1551"
    },
    {
      "name": "CVE-2025-40346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40346"
    },
    {
      "name": "CVE-2023-21967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
    },
    {
      "name": "CVE-2024-34155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
    },
    {
      "name": "CVE-2022-21619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
    },
    {
      "name": "CVE-2025-40030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40030"
    },
    {
      "name": "CVE-2025-40244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40244"
    },
    {
      "name": "CVE-2025-39995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39995"
    },
    {
      "name": "CVE-2025-68119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68119"
    },
    {
      "name": "CVE-2022-21698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21698"
    },
    {
      "name": "CVE-2025-53066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
    },
    {
      "name": "CVE-2025-22873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22873"
    },
    {
      "name": "CVE-2023-5678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
    },
    {
      "name": "CVE-2024-24784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
    },
    {
      "name": "CVE-2022-27780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
    },
    {
      "name": "CVE-2025-39907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39907"
    },
    {
      "name": "CVE-2023-42366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42366"
    },
    {
      "name": "CVE-2024-21217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
    },
    {
      "name": "CVE-2025-0167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
    },
    {
      "name": "CVE-2026-25547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25547"
    },
    {
      "name": "CVE-2025-69420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69420"
    },
    {
      "name": "CVE-2024-20952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
    },
    {
      "name": "CVE-2025-40140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40140"
    },
    {
      "name": "CVE-2024-24789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
    },
    {
      "name": "CVE-2025-40223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40223"
    },
    {
      "name": "CVE-2022-27664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
    },
    {
      "name": "CVE-2026-1225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1225"
    },
    {
      "name": "CVE-2024-53114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53114"
    },
    {
      "name": "CVE-2024-27304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27304"
    },
    {
      "name": "CVE-2026-22703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22703"
    },
    {
      "name": "CVE-2026-0989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0989"
    },
    {
      "name": "CVE-2025-61729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
    },
    {
      "name": "CVE-2025-39873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39873"
    },
    {
      "name": "CVE-2024-21208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
    },
    {
      "name": "CVE-2023-23916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
    },
    {
      "name": "CVE-2022-29189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29189"
    },
    {
      "name": "CVE-2025-38248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38248"
    },
    {
      "name": "CVE-2025-40351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40351"
    },
    {
      "name": "CVE-2025-40087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40087"
    },
    {
      "name": "CVE-2026-25646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25646"
    }
  ],
  "initial_release_date": "2026-02-24T00:00:00",
  "last_revision_date": "2026-02-24T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0199",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-02-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une injection de code indirecte \u00e0 distance (XSS).",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37012",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37012"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37001",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37001"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37013",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37013"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37003",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37003"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37023",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37023"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37017",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37017"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37006",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37006"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37024",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37024"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36997",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36997"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37004",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37004"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36947",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37018",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37018"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37005",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37005"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37008",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37008"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37007",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37007"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37020",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37020"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36998",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36998"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37002",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37002"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37021",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37021"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37022",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37022"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37016",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37016"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37019",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37019"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37010",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37010"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37009",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37009"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37000",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37000"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37011",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37011"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37015",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37015"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37014",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37014"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36999",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36999"
    }
  ]
}

CERTFR-2025-AVI-0590

Vulnerability from certfr_avis - Published: 2025-07-11 - Updated: 2025-07-11

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	Sterling	Sterling Connect:Direct Web Services versions 6.3.0.x antérieures à 6.3.0.14
IBM	Tivoli	Tivoli Composite Application Manager for Applications WebSphere MQ Monitoring Agent version 7.3.0 Fix Pack 4 sans le dernier correctif de sécurité
IBM	Sterling	Sterling External Authentication Server versions 6.1.0.x antérieures à 6.1.0.2 iFix 03
IBM	Db2	DB2 Data Management Console on CPD versions 4.7.1 antérieures à 4.7.2
IBM	Db2	DB2 Data Management Console versions 3.1.11 à 3.1.13.x antérieures à 3.1.13.1
IBM	QRadar	QRadar SIEM versions 7.5.0 sans le dernier correctif de sécurité
IBM	Tivoli	Tivoli Composite Application Manager for Application Diagnostics version 7.1.0 sans le dernier correctif de sécurité
IBM	Sterling	Sterling Connect:Direct Web Services versions 6.4.0.x antérieures à 6.4.0.3
IBM	WebSphere	WebSphere Hybrid Edition versions 5.1 sans le correctif de sécurité PH66674
IBM	Sterling	Sterling Connect:Direct Web Services versions 6.2.0.x antérieures à 6.2.0.28

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7239103	2025-07-08	vendor-advisory
Bulletin de sécurité IBM 7239009	2025-07-07	vendor-advisory
Bulletin de sécurité IBM 7239143	2025-07-08	vendor-advisory
Bulletin de sécurité IBM 7239362	2025-07-09	vendor-advisory
Bulletin de sécurité IBM 7239476	2025-07-11	vendor-advisory
Bulletin de sécurité IBM 7239247	2025-07-09	vendor-advisory
Bulletin de sécurité IBM 7239178	2025-07-08	vendor-advisory
Bulletin de sécurité IBM 7239475	2025-07-11	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Sterling Connect:Direct Web Services versions 6.3.0.x ant\u00e9rieures \u00e0 6.3.0.14",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Tivoli Composite Application Manager for Applications WebSphere MQ Monitoring Agent version 7.3.0 Fix Pack 4 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "Tivoli",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling External Authentication Server versions 6.1.0.x ant\u00e9rieures \u00e0 6.1.0.2 iFix 03",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "DB2 Data Management Console on CPD versions 4.7.1 ant\u00e9rieures \u00e0 4.7.2",
      "product": {
        "name": "Db2",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "DB2 Data Management Console versions 3.1.11 \u00e0 3.1.13.x ant\u00e9rieures \u00e0 3.1.13.1",
      "product": {
        "name": "Db2",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar SIEM versions 7.5.0 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "QRadar",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Tivoli Composite Application Manager for Application Diagnostics version 7.1.0 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "Tivoli",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Connect:Direct Web Services versions 6.4.0.x ant\u00e9rieures \u00e0 6.4.0.3",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "WebSphere Hybrid Edition versions 5.1 sans le correctif de s\u00e9curit\u00e9 PH66674",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Connect:Direct Web Services versions 6.2.0.x ant\u00e9rieures \u00e0 6.2.0.28",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-4447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4447"
    },
    {
      "name": "CVE-2022-29162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29162"
    },
    {
      "name": "CVE-2020-13956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13956"
    },
    {
      "name": "CVE-2021-43816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43816"
    },
    {
      "name": "CVE-2023-21830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
    },
    {
      "name": "CVE-2023-27561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27561"
    },
    {
      "name": "CVE-2022-31030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31030"
    },
    {
      "name": "CVE-2021-35516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35516"
    },
    {
      "name": "CVE-2022-32149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32149"
    },
    {
      "name": "CVE-2019-19921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19921"
    },
    {
      "name": "CVE-2021-35517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35517"
    },
    {
      "name": "CVE-2021-36090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36090"
    },
    {
      "name": "CVE-2021-43784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43784"
    },
    {
      "name": "CVE-2021-32760",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32760"
    },
    {
      "name": "CVE-2023-25173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25173"
    },
    {
      "name": "CVE-2024-45296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
    },
    {
      "name": "CVE-2025-21587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
    },
    {
      "name": "CVE-2023-25809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25809"
    },
    {
      "name": "CVE-2024-25710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
    },
    {
      "name": "CVE-2023-25153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
    },
    {
      "name": "CVE-2023-33850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
    },
    {
      "name": "CVE-2025-30698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
    },
    {
      "name": "CVE-2022-41721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41721"
    },
    {
      "name": "CVE-2023-28642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28642"
    },
    {
      "name": "CVE-2022-23471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
    },
    {
      "name": "CVE-2025-2900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2900"
    },
    {
      "name": "CVE-2022-41723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
    },
    {
      "name": "CVE-2021-35515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35515"
    },
    {
      "name": "CVE-2022-23648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23648"
    },
    {
      "name": "CVE-2021-41103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41103"
    },
    {
      "name": "CVE-2025-36038",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-36038"
    },
    {
      "name": "CVE-2022-27664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
    },
    {
      "name": "CVE-2016-1000027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
    }
  ],
  "initial_release_date": "2025-07-11T00:00:00",
  "last_revision_date": "2025-07-11T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0590",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-07-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": "2025-07-08",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7239103",
      "url": "https://www.ibm.com/support/pages/node/7239103"
    },
    {
      "published_at": "2025-07-07",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7239009",
      "url": "https://www.ibm.com/support/pages/node/7239009"
    },
    {
      "published_at": "2025-07-08",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7239143",
      "url": "https://www.ibm.com/support/pages/node/7239143"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7239362",
      "url": "https://www.ibm.com/support/pages/node/7239362"
    },
    {
      "published_at": "2025-07-11",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7239476",
      "url": "https://www.ibm.com/support/pages/node/7239476"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7239247",
      "url": "https://www.ibm.com/support/pages/node/7239247"
    },
    {
      "published_at": "2025-07-08",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7239178",
      "url": "https://www.ibm.com/support/pages/node/7239178"
    },
    {
      "published_at": "2025-07-11",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7239475",
      "url": "https://www.ibm.com/support/pages/node/7239475"
    }
  ]
}

CERTFR-2024-AVI-0958

Vulnerability from certfr_avis - Published: 2024-11-08 - Updated: 2024-11-08

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	Cloud Pak System	Cloud Pak System versions 2.3.4.x antérieures à 2.3.4.1
IBM	VIOS	VIOS version 4.1 avec un fichier tcl.base versions antérieures à 8.6.10.1
IBM	Security QRadar EDR	Security QRadar EDR versions 3.12.x antérieures à 3.12.13
IBM	VIOS	VIOS version 4.1 avec un fichier python3.9.base versions antérieures à 3.9.20.0
IBM	AIX	AIX version 7.2 avec un fichier tcl.base versions antérieures à 8.6.10.1
IBM	AIX	AIX version 7.3 avec un fichier python3.9.base versions antérieures à 3.9.20.0
IBM	AIX	AIX version 7.3 avec un fichier tcl.base versions antérieures à 8.6.10.1
IBM	QRadar SIEM	QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP10 IF01
IBM	Cloud Pak System	Cloud Pak System versions 2.3.4.0 avec Db2 versions antérieures à 11.5.9 Special Build
IBM	Sterling Control Center	Sterling Control Center versions 6.3.1.x antérieures à 6.3.1.0 iFix03
IBM	VIOS	VIOS version 3.1 avec un fichier tcl.base versions antérieures à 8.6.10.1
IBM	Cloud Pak	Cloud Pak for Security versions antérieures à 1.10.27.0
IBM	Cloud Transformation Advisor	Cloud Transformation Advisor versions antérieures à 3.10.2
IBM	QRadar Suite Software	QRadar Suite Software versions antérieures à 1.10.27.0
IBM	Sterling Control Center	Sterling Control Center versions 6.2.1.x antérieures à 6.2.1.0 iFix14
IBM	QRadar Deployment Intelligence App	QRadar Deployment Intelligence App versions antérieures à 3.0.15

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7174802	2024-11-05	vendor-advisory
Bulletin de sécurité IBM 7174634	2024-11-01	vendor-advisory
Bulletin de sécurité IBM 7174639	2024-11-01	vendor-advisory
Bulletin de sécurité IBM 7175196	2024-11-08	vendor-advisory
Bulletin de sécurité IBM 7175086	2024-11-07	vendor-advisory
Bulletin de sécurité IBM 7175192	2024-11-08	vendor-advisory
Bulletin de sécurité IBM 7174799	2024-11-05	vendor-advisory
Bulletin de sécurité IBM 7174797	2024-11-05	vendor-advisory
Bulletin de sécurité IBM 7174945	2024-11-06	vendor-advisory
Bulletin de sécurité IBM 7174912	2024-11-05	vendor-advisory
Bulletin de sécurité IBM 7175166	2024-11-07	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cloud Pak System versions 2.3.4.x ant\u00e9rieures \u00e0 2.3.4.1",
      "product": {
        "name": "Cloud Pak System",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "VIOS version 4.1 avec un fichier tcl.base versions ant\u00e9rieures \u00e0 8.6.10.1",
      "product": {
        "name": "VIOS",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Security QRadar EDR versions 3.12.x ant\u00e9rieures \u00e0 3.12.13",
      "product": {
        "name": "Security QRadar EDR",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "VIOS version 4.1 avec un fichier python3.9.base versions ant\u00e9rieures \u00e0 3.9.20.0",
      "product": {
        "name": "VIOS",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "AIX version 7.2 avec un fichier tcl.base versions ant\u00e9rieures \u00e0 8.6.10.1",
      "product": {
        "name": "AIX",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "AIX version 7.3 avec un fichier python3.9.base versions ant\u00e9rieures \u00e0 3.9.20.0",
      "product": {
        "name": "AIX",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "AIX version 7.3 avec un fichier tcl.base versions ant\u00e9rieures \u00e0 8.6.10.1",
      "product": {
        "name": "AIX",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP10 IF01",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Pak System versions 2.3.4.0 avec Db2 versions ant\u00e9rieures \u00e0 11.5.9 Special Build",
      "product": {
        "name": "Cloud Pak System",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Control Center versions 6.3.1.x ant\u00e9rieures \u00e0 6.3.1.0 iFix03",
      "product": {
        "name": "Sterling Control Center",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "VIOS version 3.1 avec un fichier tcl.base versions ant\u00e9rieures \u00e0 8.6.10.1",
      "product": {
        "name": "VIOS",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Pak for Security versions ant\u00e9rieures \u00e0 1.10.27.0",
      "product": {
        "name": "Cloud Pak",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Transformation Advisor versions ant\u00e9rieures \u00e0 3.10.2 ",
      "product": {
        "name": "Cloud Transformation Advisor",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar Suite Software versions ant\u00e9rieures \u00e0 1.10.27.0",
      "product": {
        "name": "QRadar Suite Software",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Control Center versions 6.2.1.x ant\u00e9rieures \u00e0 6.2.1.0 iFix14",
      "product": {
        "name": "Sterling Control Center",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar Deployment Intelligence App versions ant\u00e9rieures \u00e0 3.0.15",
      "product": {
        "name": "QRadar Deployment Intelligence App",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2020-25659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25659"
    },
    {
      "name": "CVE-2020-36242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36242"
    },
    {
      "name": "CVE-2022-23181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23181"
    },
    {
      "name": "CVE-2021-42340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42340"
    },
    {
      "name": "CVE-2022-29885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29885"
    },
    {
      "name": "CVE-2022-34305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-34305"
    },
    {
      "name": "CVE-2017-7500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
    },
    {
      "name": "CVE-2022-25762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25762"
    },
    {
      "name": "CVE-2022-42252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42252"
    },
    {
      "name": "CVE-2022-40897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2023-23931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
    },
    {
      "name": "CVE-2023-28708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28708"
    },
    {
      "name": "CVE-2022-24999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999"
    },
    {
      "name": "CVE-2023-28322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
    },
    {
      "name": "CVE-2023-3446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
    },
    {
      "name": "CVE-2023-2953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2953"
    },
    {
      "name": "CVE-2023-37920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2023-38325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38325"
    },
    {
      "name": "CVE-2023-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
    },
    {
      "name": "CVE-2023-4807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
    },
    {
      "name": "CVE-2023-5678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
    },
    {
      "name": "CVE-2021-43618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
    },
    {
      "name": "CVE-2023-48795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
    },
    {
      "name": "CVE-2023-28487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
    },
    {
      "name": "CVE-2022-23471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
    },
    {
      "name": "CVE-2023-28486",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
    },
    {
      "name": "CVE-2023-25153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
    },
    {
      "name": "CVE-2023-7104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
    },
    {
      "name": "CVE-2023-6129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
    },
    {
      "name": "CVE-2023-46218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
    },
    {
      "name": "CVE-2024-0727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
    },
    {
      "name": "CVE-2023-39325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
    },
    {
      "name": "CVE-2023-25173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25173"
    },
    {
      "name": "CVE-2022-31030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31030"
    },
    {
      "name": "CVE-2022-23648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23648"
    },
    {
      "name": "CVE-2023-28746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28746"
    },
    {
      "name": "CVE-2023-52451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52451"
    },
    {
      "name": "CVE-2023-52584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52584"
    },
    {
      "name": "CVE-2023-52469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52469"
    },
    {
      "name": "CVE-2023-52600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52600"
    },
    {
      "name": "CVE-2023-52463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52463"
    },
    {
      "name": "CVE-2023-52599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52599"
    },
    {
      "name": "CVE-2023-42465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42465"
    },
    {
      "name": "CVE-2023-52530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52530"
    },
    {
      "name": "CVE-2024-26586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26586"
    },
    {
      "name": "CVE-2023-27043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
    },
    {
      "name": "CVE-2023-36632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
    },
    {
      "name": "CVE-2023-49083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
    },
    {
      "name": "CVE-2023-2253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2253"
    },
    {
      "name": "CVE-2024-2201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2201"
    },
    {
      "name": "CVE-2023-52609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52609"
    },
    {
      "name": "CVE-2017-7501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
    },
    {
      "name": "CVE-2024-25710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
    },
    {
      "name": "CVE-2021-35939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
    },
    {
      "name": "CVE-2024-26308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
    },
    {
      "name": "CVE-2024-0553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
    },
    {
      "name": "CVE-2021-35938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
    },
    {
      "name": "CVE-2023-50782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
    },
    {
      "name": "CVE-2021-35937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
    },
    {
      "name": "CVE-2023-6597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
    },
    {
      "name": "CVE-2023-52591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52591"
    },
    {
      "name": "CVE-2024-26667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26667"
    },
    {
      "name": "CVE-2023-52608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52608"
    },
    {
      "name": "CVE-2023-52486",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52486"
    },
    {
      "name": "CVE-2024-26614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26614"
    },
    {
      "name": "CVE-2024-25739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25739"
    },
    {
      "name": "CVE-2023-52623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52623"
    },
    {
      "name": "CVE-2023-52619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52619"
    },
    {
      "name": "CVE-2024-29133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29133"
    },
    {
      "name": "CVE-2024-29131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29131"
    },
    {
      "name": "CVE-2024-26707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26707"
    },
    {
      "name": "CVE-2024-26697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26697"
    },
    {
      "name": "CVE-2024-26704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26704"
    },
    {
      "name": "CVE-2023-52622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52622"
    },
    {
      "name": "CVE-2024-26727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26727"
    },
    {
      "name": "CVE-2024-26718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26718"
    },
    {
      "name": "CVE-2024-26702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26702"
    },
    {
      "name": "CVE-2024-26710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26710"
    },
    {
      "name": "CVE-2024-26810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26810"
    },
    {
      "name": "CVE-2024-26663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26663"
    },
    {
      "name": "CVE-2024-26773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26773"
    },
    {
      "name": "CVE-2024-26660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26660"
    },
    {
      "name": "CVE-2024-26726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
    },
    {
      "name": "CVE-2024-26640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26640"
    },
    {
      "name": "CVE-2024-26802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26802"
    },
    {
      "name": "CVE-2024-26733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26733"
    },
    {
      "name": "CVE-2024-26700",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
    },
    {
      "name": "CVE-2024-26772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26772"
    },
    {
      "name": "CVE-2024-26696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26696"
    },
    {
      "name": "CVE-2024-26698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26698"
    },
    {
      "name": "CVE-2024-26714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26714"
    },
    {
      "name": "CVE-2024-26686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
    },
    {
      "name": "CVE-2017-11468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11468"
    },
    {
      "name": "CVE-2023-45284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
    },
    {
      "name": "CVE-2023-52590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52590"
    },
    {
      "name": "CVE-2021-46939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46939"
    },
    {
      "name": "CVE-2024-26870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26870"
    },
    {
      "name": "CVE-2024-27025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27025"
    },
    {
      "name": "CVE-2024-26961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26961"
    },
    {
      "name": "CVE-2024-26840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26840"
    },
    {
      "name": "CVE-2024-26958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26958"
    },
    {
      "name": "CVE-2024-26843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26843"
    },
    {
      "name": "CVE-2024-26925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26925"
    },
    {
      "name": "CVE-2024-27388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27388"
    },
    {
      "name": "CVE-2024-27020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27020"
    },
    {
      "name": "CVE-2024-26960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26960"
    },
    {
      "name": "CVE-2024-26820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26820"
    },
    {
      "name": "CVE-2024-26878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26878"
    },
    {
      "name": "CVE-2024-26852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26852"
    },
    {
      "name": "CVE-2024-27065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27065"
    },
    {
      "name": "CVE-2024-26825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26825"
    },
    {
      "name": "CVE-2024-27019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27019"
    },
    {
      "name": "CVE-2024-26668",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26668"
    },
    {
      "name": "CVE-2024-26669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26669"
    },
    {
      "name": "CVE-2023-52425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
    },
    {
      "name": "CVE-2024-21823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21823"
    },
    {
      "name": "CVE-2024-28182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
    },
    {
      "name": "CVE-2023-45288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
    },
    {
      "name": "CVE-2023-52653",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52653"
    },
    {
      "name": "CVE-2024-26853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26853"
    },
    {
      "name": "CVE-2022-48632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48632"
    },
    {
      "name": "CVE-2024-29025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
    },
    {
      "name": "CVE-2024-35947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35947"
    },
    {
      "name": "CVE-2024-36017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36017"
    },
    {
      "name": "CVE-2024-36886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36886"
    },
    {
      "name": "CVE-2024-36889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36889"
    },
    {
      "name": "CVE-2024-36904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36904"
    },
    {
      "name": "CVE-2024-36905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36905"
    },
    {
      "name": "CVE-2024-36929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36929"
    },
    {
      "name": "CVE-2024-36933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36933"
    },
    {
      "name": "CVE-2024-36940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36940"
    },
    {
      "name": "CVE-2024-36941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36941"
    },
    {
      "name": "CVE-2024-36950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36950"
    },
    {
      "name": "CVE-2024-36954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36954"
    },
    {
      "name": "CVE-2021-47231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47231"
    },
    {
      "name": "CVE-2021-47284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47284"
    },
    {
      "name": "CVE-2021-47373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47373"
    },
    {
      "name": "CVE-2021-47408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47408"
    },
    {
      "name": "CVE-2021-47449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47449"
    },
    {
      "name": "CVE-2021-47461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47461"
    },
    {
      "name": "CVE-2021-47468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47468"
    },
    {
      "name": "CVE-2021-47491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47491"
    },
    {
      "name": "CVE-2021-47548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47548"
    },
    {
      "name": "CVE-2023-52662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52662"
    },
    {
      "name": "CVE-2023-52679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52679"
    },
    {
      "name": "CVE-2023-52707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52707"
    },
    {
      "name": "CVE-2023-52730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52730"
    },
    {
      "name": "CVE-2023-52756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52756"
    },
    {
      "name": "CVE-2023-52764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52764"
    },
    {
      "name": "CVE-2023-52777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52777"
    },
    {
      "name": "CVE-2023-52791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52791"
    },
    {
      "name": "CVE-2023-52796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52796"
    },
    {
      "name": "CVE-2023-52803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52803"
    },
    {
      "name": "CVE-2023-52811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52811"
    },
    {
      "name": "CVE-2023-52817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52817"
    },
    {
      "name": "CVE-2023-52832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52832"
    },
    {
      "name": "CVE-2023-52834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52834"
    },
    {
      "name": "CVE-2023-52847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52847"
    },
    {
      "name": "CVE-2023-52864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52864"
    },
    {
      "name": "CVE-2024-26921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26921"
    },
    {
      "name": "CVE-2024-26940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26940"
    },
    {
      "name": "CVE-2024-27395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27395"
    },
    {
      "name": "CVE-2024-35801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35801"
    },
    {
      "name": "CVE-2024-35823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35823"
    },
    {
      "name": "CVE-2024-35847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35847"
    },
    {
      "name": "CVE-2024-35912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35912"
    },
    {
      "name": "CVE-2024-35924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35924"
    },
    {
      "name": "CVE-2024-35930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35930"
    },
    {
      "name": "CVE-2024-35938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35938"
    },
    {
      "name": "CVE-2024-35940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35940"
    },
    {
      "name": "CVE-2024-35952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35952"
    },
    {
      "name": "CVE-2024-36006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36006"
    },
    {
      "name": "CVE-2024-36016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36016"
    },
    {
      "name": "CVE-2024-36896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36896"
    },
    {
      "name": "CVE-2024-29857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
    },
    {
      "name": "CVE-2024-30171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
    },
    {
      "name": "CVE-2024-30172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
    },
    {
      "name": "CVE-2024-5535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
    },
    {
      "name": "CVE-2023-52658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52658"
    },
    {
      "name": "CVE-2024-26740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26740"
    },
    {
      "name": "CVE-2024-26844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26844"
    },
    {
      "name": "CVE-2024-26962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26962"
    },
    {
      "name": "CVE-2024-27434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27434"
    },
    {
      "name": "CVE-2024-35790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35790"
    },
    {
      "name": "CVE-2024-35810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35810"
    },
    {
      "name": "CVE-2024-35814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35814"
    },
    {
      "name": "CVE-2024-35824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35824"
    },
    {
      "name": "CVE-2024-35937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35937"
    },
    {
      "name": "CVE-2024-35946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35946"
    },
    {
      "name": "CVE-2024-36020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36020"
    },
    {
      "name": "CVE-2024-36025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36025"
    },
    {
      "name": "CVE-2024-36921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36921"
    },
    {
      "name": "CVE-2024-31076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-31076"
    },
    {
      "name": "CVE-2024-33621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33621"
    },
    {
      "name": "CVE-2024-35807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35807"
    },
    {
      "name": "CVE-2024-35893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35893"
    },
    {
      "name": "CVE-2024-35896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35896"
    },
    {
      "name": "CVE-2024-35897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35897"
    },
    {
      "name": "CVE-2024-35899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35899"
    },
    {
      "name": "CVE-2024-35900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35900"
    },
    {
      "name": "CVE-2024-35910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35910"
    },
    {
      "name": "CVE-2024-35925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35925"
    },
    {
      "name": "CVE-2024-36005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36005"
    },
    {
      "name": "CVE-2024-36286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36286"
    },
    {
      "name": "CVE-2024-36960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36960"
    },
    {
      "name": "CVE-2024-36971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36971"
    },
    {
      "name": "CVE-2024-38596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38596"
    },
    {
      "name": "CVE-2024-38598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38598"
    },
    {
      "name": "CVE-2024-38627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38627"
    },
    {
      "name": "CVE-2023-5752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
    },
    {
      "name": "CVE-2024-3651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
    },
    {
      "name": "CVE-2024-2398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
    },
    {
      "name": "CVE-2024-4032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
    },
    {
      "name": "CVE-2023-52648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52648"
    },
    {
      "name": "CVE-2023-6004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
    },
    {
      "name": "CVE-2023-6918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
    },
    {
      "name": "CVE-2024-0450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
    },
    {
      "name": "CVE-2024-25062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
    },
    {
      "name": "CVE-2024-26458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
    },
    {
      "name": "CVE-2024-26461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
    },
    {
      "name": "CVE-2024-28834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
    },
    {
      "name": "CVE-2024-2961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
    },
    {
      "name": "CVE-2024-33599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
    },
    {
      "name": "CVE-2024-33600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
    },
    {
      "name": "CVE-2024-33601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
    },
    {
      "name": "CVE-2024-33602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
    },
    {
      "name": "CVE-2024-34064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34064"
    },
    {
      "name": "CVE-2024-34069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34069"
    },
    {
      "name": "CVE-2024-35195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
    },
    {
      "name": "CVE-2024-4067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
    },
    {
      "name": "CVE-2022-48743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48743"
    },
    {
      "name": "CVE-2022-48747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48747"
    },
    {
      "name": "CVE-2023-52762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52762"
    },
    {
      "name": "CVE-2023-52784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52784"
    },
    {
      "name": "CVE-2023-52845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52845"
    },
    {
      "name": "CVE-2024-26842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26842"
    },
    {
      "name": "CVE-2024-36917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36917"
    },
    {
      "name": "CVE-2024-36945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
    },
    {
      "name": "CVE-2024-36978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36978"
    },
    {
      "name": "CVE-2024-38555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38555"
    },
    {
      "name": "CVE-2024-38573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38573"
    },
    {
      "name": "CVE-2024-22365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
    },
    {
      "name": "CVE-2024-21131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
    },
    {
      "name": "CVE-2024-21138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
    },
    {
      "name": "CVE-2024-21140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
    },
    {
      "name": "CVE-2024-21144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
    },
    {
      "name": "CVE-2024-21145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
    },
    {
      "name": "CVE-2024-21147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
    },
    {
      "name": "CVE-2024-26662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26662"
    },
    {
      "name": "CVE-2024-26703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26703"
    },
    {
      "name": "CVE-2024-26818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26818"
    },
    {
      "name": "CVE-2024-26824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26824"
    },
    {
      "name": "CVE-2024-26831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26831"
    },
    {
      "name": "CVE-2024-27010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27010"
    },
    {
      "name": "CVE-2024-27011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27011"
    },
    {
      "name": "CVE-2024-36270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36270"
    },
    {
      "name": "CVE-2024-36489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36489"
    },
    {
      "name": "CVE-2024-38615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38615"
    },
    {
      "name": "CVE-2024-39276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39276"
    },
    {
      "name": "CVE-2024-39476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39476"
    },
    {
      "name": "CVE-2024-39487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39487"
    },
    {
      "name": "CVE-2024-39495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39495"
    },
    {
      "name": "CVE-2024-39502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39502"
    },
    {
      "name": "CVE-2024-40902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40902"
    },
    {
      "name": "CVE-2024-40927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40927"
    },
    {
      "name": "CVE-2024-40974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40974"
    },
    {
      "name": "CVE-2024-36010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36010"
    },
    {
      "name": "CVE-2024-38575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38575"
    },
    {
      "name": "CVE-2024-6923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
    },
    {
      "name": "CVE-2024-36000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36000"
    },
    {
      "name": "CVE-2024-36927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36927"
    },
    {
      "name": "CVE-2024-36979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36979"
    },
    {
      "name": "CVE-2024-38538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38538"
    },
    {
      "name": "CVE-2021-47018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47018"
    },
    {
      "name": "CVE-2021-47257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47257"
    },
    {
      "name": "CVE-2021-47304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47304"
    },
    {
      "name": "CVE-2021-47579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47579"
    },
    {
      "name": "CVE-2021-47624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47624"
    },
    {
      "name": "CVE-2022-48757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48757"
    },
    {
      "name": "CVE-2023-52471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52471"
    },
    {
      "name": "CVE-2023-52775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52775"
    },
    {
      "name": "CVE-2024-26837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26837"
    },
    {
      "name": "CVE-2024-39472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39472"
    },
    {
      "name": "CVE-2024-37891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
    },
    {
      "name": "CVE-2024-6345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
    },
    {
      "name": "CVE-2024-38808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
    },
    {
      "name": "CVE-2024-38809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
    },
    {
      "name": "CVE-2024-27267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27267"
    },
    {
      "name": "CVE-2024-38428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
    },
    {
      "name": "CVE-2024-42232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42232"
    },
    {
      "name": "CVE-2024-42236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42236"
    },
    {
      "name": "CVE-2024-42244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42244"
    },
    {
      "name": "CVE-2024-42247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42247"
    },
    {
      "name": "CVE-2023-4692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4692"
    },
    {
      "name": "CVE-2023-4693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4693"
    },
    {
      "name": "CVE-2023-7008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
    },
    {
      "name": "CVE-2024-1048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1048"
    },
    {
      "name": "CVE-2024-6232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
    },
    {
      "name": "CVE-2024-6119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
    },
    {
      "name": "CVE-2024-39338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
    },
    {
      "name": "CVE-2024-39689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39689"
    },
    {
      "name": "CVE-2024-45491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
    },
    {
      "name": "CVE-2024-45492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
    },
    {
      "name": "CVE-2024-38816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
    },
    {
      "name": "CVE-2024-41042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41042"
    },
    {
      "name": "CVE-2024-42238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42238"
    },
    {
      "name": "CVE-2024-42259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42259"
    },
    {
      "name": "CVE-2024-43824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43824"
    },
    {
      "name": "CVE-2024-43833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43833"
    },
    {
      "name": "CVE-2024-43858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43858"
    },
    {
      "name": "CVE-2021-42694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42694"
    },
    {
      "name": "CVE-2023-50314",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50314"
    },
    {
      "name": "CVE-2024-34155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
    },
    {
      "name": "CVE-2024-34156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
    },
    {
      "name": "CVE-2024-34158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
    },
    {
      "name": "CVE-2024-42252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42252"
    },
    {
      "name": "CVE-2024-43832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43832"
    },
    {
      "name": "CVE-2024-37370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
    },
    {
      "name": "CVE-2024-37371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
    },
    {
      "name": "CVE-2024-45296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
    },
    {
      "name": "CVE-2024-42251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42251"
    },
    {
      "name": "CVE-2021-43980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43980"
    },
    {
      "name": "CVE-2023-20584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20584"
    },
    {
      "name": "CVE-2023-31356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31356"
    },
    {
      "name": "CVE-2023-36328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36328"
    },
    {
      "name": "CVE-2023-48161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48161"
    },
    {
      "name": "CVE-2023-5115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5115"
    },
    {
      "name": "CVE-2023-52596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52596"
    },
    {
      "name": "CVE-2023-5764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5764"
    },
    {
      "name": "CVE-2024-21529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21529"
    },
    {
      "name": "CVE-2024-21534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21534"
    },
    {
      "name": "CVE-2024-25620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25620"
    },
    {
      "name": "CVE-2024-26147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26147"
    },
    {
      "name": "CVE-2024-26713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26713"
    },
    {
      "name": "CVE-2024-26721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26721"
    },
    {
      "name": "CVE-2024-26823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26823"
    },
    {
      "name": "CVE-2024-30203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30203"
    },
    {
      "name": "CVE-2024-30205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30205"
    },
    {
      "name": "CVE-2024-31882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-31882"
    },
    {
      "name": "CVE-2024-34447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
    },
    {
      "name": "CVE-2024-35136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35136"
    },
    {
      "name": "CVE-2024-35152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35152"
    },
    {
      "name": "CVE-2024-37529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37529"
    },
    {
      "name": "CVE-2024-38286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38286"
    },
    {
      "name": "CVE-2024-39331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39331"
    },
    {
      "name": "CVE-2024-42254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42254"
    },
    {
      "name": "CVE-2024-42255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42255"
    },
    {
      "name": "CVE-2024-42256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42256"
    },
    {
      "name": "CVE-2024-42258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42258"
    },
    {
      "name": "CVE-2024-42460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42460"
    },
    {
      "name": "CVE-2024-43796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
    },
    {
      "name": "CVE-2024-43799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
    },
    {
      "name": "CVE-2024-43800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
    },
    {
      "name": "CVE-2024-43857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43857"
    },
    {
      "name": "CVE-2024-45490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
    },
    {
      "name": "CVE-2024-45590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
    },
    {
      "name": "CVE-2024-45801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
    },
    {
      "name": "CVE-2024-46982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46982"
    },
    {
      "name": "CVE-2024-47764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47764"
    },
    {
      "name": "CVE-2024-47874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47874"
    },
    {
      "name": "CVE-2024-47875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47875"
    },
    {
      "name": "CVE-2024-7592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
    },
    {
      "name": "CVE-2024-8088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
    }
  ],
  "initial_release_date": "2024-11-08T00:00:00",
  "last_revision_date": "2024-11-08T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0958",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-11-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": "2024-11-05",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7174802",
      "url": "https://www.ibm.com/support/pages/node/7174802"
    },
    {
      "published_at": "2024-11-01",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7174634",
      "url": "https://www.ibm.com/support/pages/node/7174634"
    },
    {
      "published_at": "2024-11-01",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7174639",
      "url": "https://www.ibm.com/support/pages/node/7174639"
    },
    {
      "published_at": "2024-11-08",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7175196",
      "url": "https://www.ibm.com/support/pages/node/7175196"
    },
    {
      "published_at": "2024-11-07",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7175086",
      "url": "https://www.ibm.com/support/pages/node/7175086"
    },
    {
      "published_at": "2024-11-08",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7175192",
      "url": "https://www.ibm.com/support/pages/node/7175192"
    },
    {
      "published_at": "2024-11-05",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7174799",
      "url": "https://www.ibm.com/support/pages/node/7174799"
    },
    {
      "published_at": "2024-11-05",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7174797",
      "url": "https://www.ibm.com/support/pages/node/7174797"
    },
    {
      "published_at": "2024-11-06",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7174945",
      "url": "https://www.ibm.com/support/pages/node/7174945"
    },
    {
      "published_at": "2024-11-05",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7174912",
      "url": "https://www.ibm.com/support/pages/node/7174912"
    },
    {
      "published_at": "2024-11-07",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7175166",
      "url": "https://www.ibm.com/support/pages/node/7175166"
    }
  ]
}

GSD-2022-23648

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd’s CRI implementation on Linux with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information. Kubernetes and crictl can both be configured to use containerd’s CRI implementation. This bug has been fixed in containerd 1.6.1, 1.5.10, and 1.4.12. Users should update to these versions to resolve the issue.

Aliases

CVE-2022-23648

Aliases

CVE-2022-23648

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-23648",
    "description": "containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd\u2019s CRI implementation on Linux with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information. Kubernetes and crictl can both be configured to use containerd\u2019s CRI implementation. This bug has been fixed in containerd 1.6.1, 1.5.10, and 1.4.12. Users should update to these versions to resolve the issue.",
    "id": "GSD-2022-23648",
    "references": [
      "https://www.suse.com/security/cve/CVE-2022-23648.html",
      "https://www.debian.org/security/2022/dsa-5091",
      "https://ubuntu.com/security/CVE-2022-23648",
      "https://advisories.mageia.org/CVE-2022-23648.html",
      "https://alas.aws.amazon.com/cve/html/CVE-2022-23648.html",
      "https://security.archlinux.org/CVE-2022-23648",
      "https://packetstormsecurity.com/files/cve/CVE-2022-23648"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-23648"
      ],
      "details": "containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd\u2019s CRI implementation on Linux with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information. Kubernetes and crictl can both be configured to use containerd\u2019s CRI implementation. This bug has been fixed in containerd 1.6.1, 1.5.10, and 1.4.12. Users should update to these versions to resolve the issue.",
      "id": "GSD-2022-23648",
      "modified": "2023-12-13T01:19:35.267759Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2022-23648",
        "STATE": "PUBLIC",
        "TITLE": "Insecure handling of image volumes in containerd CRI plugin"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "containerd",
                    "version": {
                      "version_data": [
                        {
                          "version_value": " \u003c 1.4.13"
                        },
                        {
                          "version_value": "\u003e= 1.5.0, \u003c 1.5.10"
                        },
                        {
                          "version_value": "\u003e= 1.6.0, \u003c 1.6.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "containerd"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd\u2019s CRI implementation on Linux with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information. Kubernetes and crictl can both be configured to use containerd\u2019s CRI implementation. This bug has been fixed in containerd 1.6.1, 1.5.10, and 1.4.12. Users should update to these versions to resolve the issue."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7",
            "refsource": "CONFIRM",
            "url": "https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7"
          },
          {
            "name": "https://github.com/containerd/containerd/commit/10f428dac7cec44c864e1b830a4623af27a9fc70",
            "refsource": "MISC",
            "url": "https://github.com/containerd/containerd/commit/10f428dac7cec44c864e1b830a4623af27a9fc70"
          },
          {
            "name": "https://github.com/containerd/containerd/releases/tag/v1.4.13",
            "refsource": "MISC",
            "url": "https://github.com/containerd/containerd/releases/tag/v1.4.13"
          },
          {
            "name": "https://github.com/containerd/containerd/releases/tag/v1.5.10",
            "refsource": "MISC",
            "url": "https://github.com/containerd/containerd/releases/tag/v1.5.10"
          },
          {
            "name": "https://github.com/containerd/containerd/releases/tag/v1.6.1",
            "refsource": "MISC",
            "url": "https://github.com/containerd/containerd/releases/tag/v1.6.1"
          },
          {
            "name": "DSA-5091",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2022/dsa-5091"
          },
          {
            "name": "FEDORA-2022-dc35dd101f",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCCARJ6FU4MWBTXHZNMS7NELPDBIX2VO/"
          },
          {
            "name": "FEDORA-2022-230f2b024b",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUDQUQBZJGBWJPMRVB6QCCCRF7O3O4PA/"
          },
          {
            "name": "http://packetstormsecurity.com/files/166421/containerd-Image-Volume-Insecure-Handling.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/166421/containerd-Image-Volume-Insecure-Handling.html"
          },
          {
            "name": "FEDORA-2022-d9c9bf56f6",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFTS2EF3S7HNYSNZSEJZIJHPRU7OPUV3/"
          },
          {
            "name": "GLSA-202401-31",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/202401-31"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-crp2-qrr5-8pq7",
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c1.4.13||\u003e=1.5.0 \u003c1.5.10||\u003e=1.6.0 \u003c1.6.1",
          "affected_versions": "All versions before 1.4.13, all versions starting from 1.5.0 before 1.5.10, all versions starting from 1.6.0 before 1.6.1",
          "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-937"
          ],
          "date": "2023-07-11",
          "description": "containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd\u2019s CRI implementation on Linux with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information. Kubernetes and crictl can both be configured to use containerd\u2019s CRI implementation. This bug has been fixed in containerd 1.6.1, 1.5.10, and 1.4.12. Users should update to these versions to resolve the issue.",
          "fixed_versions": [
            "1.4.13",
            "1.5.10",
            "1.6.1"
          ],
          "identifier": "CVE-2022-23648",
          "identifiers": [
            "CVE-2022-23648",
            "GHSA-crp2-qrr5-8pq7"
          ],
          "not_impacted": "All versions starting from 1.4.13 before 1.5.0, all versions starting from 1.5.10 before 1.6.0, all versions starting from 1.6.1",
          "package_slug": "go/github.com/containerd/containerd",
          "pubdate": "2022-03-03",
          "solution": "Upgrade to versions 1.4.13, 1.5.10, 1.6.1 or above.",
          "title": "Exposure of Sensitive Information to an Unauthorized Actor",
          "urls": [
            "https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7",
            "https://github.com/advisories/GHSA-crp2-qrr5-8pq7"
          ],
          "uuid": "76d56170-967a-4647-b580-38738a65efb0"
        }
      ]
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "E2E44BA2-CF61-41F7-B332-C2C977368870",
                    "versionEndExcluding": "1.4.13",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "5783F746-15E8-403A-A79F-D58E4577185E",
                    "versionEndExcluding": "1.5.10",
                    "versionStartIncluding": "1.5.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "B7A0F3E7-387E-46F4-861A-8B65EBF6548A",
                    "versionEndExcluding": "1.6.1",
                    "versionStartIncluding": "1.6.0",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                    "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
                    "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
                    "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd\u2019s CRI implementation on Linux with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information. Kubernetes and crictl can both be configured to use containerd\u2019s CRI implementation. This bug has been fixed in containerd 1.6.1, 1.5.10, and 1.4.12. Users should update to these versions to resolve the issue."
          },
          {
            "lang": "es",
            "value": "containerd es un tiempo de ejecuci\u00f3n de contenedores disponible como demonio para Linux y Windows. Se ha encontrado un fallo en containerd versiones anteriores a 1.6.1, 1.5.10 y 1.14.12, en el que los contenedores lanzados mediante la implementaci\u00f3n CRI de containerd en Linux con una configuraci\u00f3n de imagen especialmente dise\u00f1ada pod\u00edan conseguir acceso a copias de s\u00f3lo lectura de archivos y directorios arbitrarios en el host. Esto puede omitir cualquier aplicaci\u00f3n basada en pol\u00edticas sobre la configuraci\u00f3n de contenedores (incluyendo una pol\u00edtica de seguridad de Kubernetes Pod) y exponer informaci\u00f3n potencialmente confidencial. Kubernetes y crictl pueden ser configurados para usar la implementaci\u00f3n de CRI de containerd. Este error ha sido corregido en containerd versiones 1.6.1, 1.5.10 y 1.4.12. Los usuarios deben actualizar a estas versiones para resolver el problema"
          }
        ],
        "id": "CVE-2022-23648",
        "lastModified": "2024-01-31T13:15:08.760",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "MEDIUM",
              "cvssData": {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "integrityImpact": "NONE",
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              "exploitabilityScore": 10.0,
              "impactScore": 2.9,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ],
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 3.6,
              "source": "nvd@nist.gov",
              "type": "Primary"
            },
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 3.6,
              "source": "security-advisories@github.com",
              "type": "Secondary"
            }
          ]
        },
        "published": "2022-03-03T14:15:07.973",
        "references": [
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Exploit",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://packetstormsecurity.com/files/166421/containerd-Image-Volume-Insecure-Handling.html"
          },
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Patch",
              "Third Party Advisory"
            ],
            "url": "https://github.com/containerd/containerd/commit/10f428dac7cec44c864e1b830a4623af27a9fc70"
          },
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Patch",
              "Release Notes",
              "Third Party Advisory"
            ],
            "url": "https://github.com/containerd/containerd/releases/tag/v1.4.13"
          },
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Patch",
              "Release Notes",
              "Third Party Advisory"
            ],
            "url": "https://github.com/containerd/containerd/releases/tag/v1.5.10"
          },
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Patch",
              "Release Notes",
              "Third Party Advisory"
            ],
            "url": "https://github.com/containerd/containerd/releases/tag/v1.6.1"
          },
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7"
          },
          {
            "source": "security-advisories@github.com",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AUDQUQBZJGBWJPMRVB6QCCCRF7O3O4PA/"
          },
          {
            "source": "security-advisories@github.com",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFTS2EF3S7HNYSNZSEJZIJHPRU7OPUV3/"
          },
          {
            "source": "security-advisories@github.com",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCCARJ6FU4MWBTXHZNMS7NELPDBIX2VO/"
          },
          {
            "source": "security-advisories@github.com",
            "url": "https://security.gentoo.org/glsa/202401-31"
          },
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5091"
          }
        ],
        "sourceIdentifier": "security-advisories@github.com",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "NVD-CWE-noinfo"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          },
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-200"
              }
            ],
            "source": "security-advisories@github.com",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}

GHSA-CRP2-QRR5-8PQ7

Vulnerability from github – Published: 2022-03-02 21:33 – Updated: 2024-01-31 15:32

Summary

containerd CRI plugin: Insecure handling of image volumes

Details

Impact

A bug was found in containerd where containers launched through containerd’s CRI implementation with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information. Kubernetes and crictl can both be configured to use containerd’s CRI implementation.

Patches

This bug has been fixed in containerd 1.6.1, 1.5.10 and 1.4.13. Users should update to these versions to resolve the issue.

Workarounds

Ensure that only trusted images are used.

Credits

The containerd project would like to thank Felix Wilhelm of Google Project Zero for responsibly disclosing this issue in accordance with the containerd security policy.

For more information

If you have any questions or comments about this advisory:

Open an issue in containerd
Email us at security@containerd.io

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/containerd/containerd"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.4.13"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/containerd/containerd"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.5.0"
            },
            {
              "fixed": "1.5.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/containerd/containerd"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.6.0"
            },
            {
              "fixed": "1.6.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-23648"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-03-02T21:33:17Z",
    "nvd_published_at": "2022-03-03T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nA bug was found in containerd where containers launched through containerd\u2019s CRI implementation with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host.  This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information.  Kubernetes and crictl can both be configured to use containerd\u2019s CRI implementation.\n\n### Patches\n\nThis bug has been fixed in containerd 1.6.1, 1.5.10 and 1.4.13.  Users should update to these versions to resolve the issue.\n\n### Workarounds\n\nEnsure that only trusted images are used.\n\n### Credits\n\nThe containerd project would like to thank Felix Wilhelm of Google Project Zero for responsibly disclosing this issue in accordance with the [containerd security policy](https://github.com/containerd/project/blob/main/SECURITY.md).\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* Open an issue in [containerd](https://github.com/containerd/containerd/issues/new/choose)\n* Email us at [security@containerd.io](mailto:security@containerd.io)",
  "id": "GHSA-crp2-qrr5-8pq7",
  "modified": "2024-01-31T15:32:06Z",
  "published": "2022-03-02T21:33:17Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23648"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containerd/containerd/commit/10f428dac7cec44c864e1b830a4623af27a9fc70"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/containerd/containerd"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containerd/containerd/releases/tag/v1.4.13"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containerd/containerd/releases/tag/v1.5.10"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containerd/containerd/releases/tag/v1.6.1"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AUDQUQBZJGBWJPMRVB6QCCCRF7O3O4PA"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFTS2EF3S7HNYSNZSEJZIJHPRU7OPUV3"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCCARJ6FU4MWBTXHZNMS7NELPDBIX2VO"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUDQUQBZJGBWJPMRVB6QCCCRF7O3O4PA"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFTS2EF3S7HNYSNZSEJZIJHPRU7OPUV3"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCCARJ6FU4MWBTXHZNMS7NELPDBIX2VO"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202401-31"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2022/dsa-5091"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/166421/containerd-Image-Volume-Insecure-Handling.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "containerd CRI plugin: Insecure handling of image volumes"
}

CNVD-2022-29292

Vulnerability from cnvd - Published: 2022-04-15

Title

Apache containerd信息泄露漏洞

Description

containerd是美国阿帕奇（Apache）基金会的一个容器守护进程。该进程根据 RunC OCI 规范负责控制宿主机上容器的完整周期。 Apache containerd存在信息泄露漏洞，攻击者可利用该漏洞通过特殊的镜像配置启动容器并访问主机上任意文件和目录的只读副本。

Severity

中

Patch Name

Apache containerd信息泄露漏洞的补丁

Patch Description

containerd是美国阿帕奇（Apache）基金会的一个容器守护进程。该进程根据 RunC OCI 规范负责控制宿主机上容器的完整周期。 Apache containerd存在信息泄露漏洞，攻击者可利用该漏洞通过特殊的镜像配置启动容器并访问主机上任意文件和目录的只读副本。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://devolutions.net/security/advisories/DEVO-2022-0001

Reference

https://nvd.nist.gov/vuln/detail/CVE-2022-23648

Impacted products

Name
['Apache containerd <1.6.1', 'Apache containerd <1.5.10', 'Apache containerd <1.14.12']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-23648"
    }
  },
  "description": "containerd\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u4e2a\u5bb9\u5668\u5b88\u62a4\u8fdb\u7a0b\u3002\u8be5\u8fdb\u7a0b\u6839\u636e RunC OCI \u89c4\u8303\u8d1f\u8d23\u63a7\u5236\u5bbf\u4e3b\u673a\u4e0a\u5bb9\u5668\u7684\u5b8c\u6574\u5468\u671f\u3002\n\nApache containerd\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u7279\u6b8a\u7684\u955c\u50cf\u914d\u7f6e\u542f\u52a8\u5bb9\u5668\u5e76\u8bbf\u95ee\u4e3b\u673a\u4e0a\u4efb\u610f\u6587\u4ef6\u548c\u76ee\u5f55\u7684\u53ea\u8bfb\u526f\u672c\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://devolutions.net/security/advisories/DEVO-2022-0001",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-29292",
  "openTime": "2022-04-15",
  "patchDescription": "containerd\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u4e2a\u5bb9\u5668\u5b88\u62a4\u8fdb\u7a0b\u3002\u8be5\u8fdb\u7a0b\u6839\u636e RunC OCI \u89c4\u8303\u8d1f\u8d23\u63a7\u5236\u5bbf\u4e3b\u673a\u4e0a\u5bb9\u5668\u7684\u5b8c\u6574\u5468\u671f\u3002\r\n\r\nApache containerd\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u7279\u6b8a\u7684\u955c\u50cf\u914d\u7f6e\u542f\u52a8\u5bb9\u5668\u5e76\u8bbf\u95ee\u4e3b\u673a\u4e0a\u4efb\u610f\u6587\u4ef6\u548c\u76ee\u5f55\u7684\u53ea\u8bfb\u526f\u672c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache containerd\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Apache containerd \u003c1.6.1",
      "Apache containerd \u003c1.5.10",
      "Apache containerd \u003c1.14.12"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2022-23648",
  "serverity": "\u4e2d",
  "submitTime": "2022-03-04",
  "title": "Apache containerd\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

CVE-2022-23648 (GCVE-0-2022-23648)

Tags

Sightings

Nomenclature

Action not permitted

CVE-2022-23648 (GCVE-0-2022-23648)

Solutions

Solution

Solution

Solutions

Solutions

Solutions

Impact

Patches

Workarounds

Credits

For more information

Tags

Sightings

Nomenclature