Vulnerability from csaf_ncscnl
Published
2025-03-11 12:30
Modified
2025-03-11 12:30
Summary
Kwetsbaarheden verholpen in Siemens producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Siemens heeft kwetsbaarheden verholpen in diverse producten als SCALANCE, SIMATIC, SINAMICS, SINEMA, SiPass, Teamcenter en Tecnomatix.
Interpretaties
De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipulatie van gegevens
- Omzeilen van een beveiligingsmaatregel
- Omzeilen van authenticatie
- (Remote) code execution (root/admin rechten)
- (Remote) code execution (Gebruikersrechten)
- Toegang tot systeemgegevens
- Toegang tot gevoelige gegevens
- Spoofing
De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.
Oplossingen
Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.
Dreigingsinformatie
Kans
medium
Schade
high
CWE-187
Partial String Comparison
CWE-283
Unverified Ownership
CWE-273
Improper Check for Dropped Privileges
CWE-1287
Improper Validation of Specified Type of Input
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-772
Missing Release of Resource after Effective Lifetime
CWE-208
Observable Timing Discrepancy
CWE-923
Improper Restriction of Communication Channel to Intended Endpoints
CWE-824
Access of Uninitialized Pointer
CWE-305
Authentication Bypass by Primary Weakness
CWE-117
Improper Output Neutralization for Logs
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-190
Integer Overflow or Wraparound
CWE-693
Protection Mechanism Failure
CWE-552
Files or Directories Accessible to External Parties
CWE-290
Authentication Bypass by Spoofing
CWE-639
Authorization Bypass Through User-Controlled Key
CWE-125
Out-of-bounds Read
CWE-306
Missing Authentication for Critical Function
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-416
Use After Free
CWE-476
NULL Pointer Dereference
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-121
Stack-based Buffer Overflow
CWE-20
Improper Input Validation
CWE-287
Improper Authentication
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Siemens heeft kwetsbaarheden verholpen in diverse producten als SCALANCE, SIMATIC, SINAMICS, SINEMA, SiPass, Teamcenter en Tecnomatix.", title: "Feiten", }, { category: "description", text: "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van een beveiligingsmaatregel\n- Omzeilen van authenticatie\n- (Remote) code execution (root/admin rechten)\n- (Remote) code execution (Gebruikersrechten)\n- Toegang tot systeemgegevens\n- Toegang tot gevoelige gegevens\n- Spoofing\n\nDe kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.", title: "Interpretaties", }, { category: "description", text: "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "description", text: " ", title: "Dreigingsinformatie", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Partial String Comparison", title: "CWE-187", }, { category: "general", text: "Unverified Ownership", title: "CWE-283", }, { category: "general", text: "Improper Check for Dropped Privileges", title: "CWE-273", }, { category: "general", text: "Improper Validation of Specified Type of Input", title: "CWE-1287", }, { category: "general", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, { category: "general", text: "Missing Release of Resource after Effective Lifetime", title: "CWE-772", }, { category: "general", text: "Observable Timing Discrepancy", title: "CWE-208", }, { category: "general", text: "Improper Restriction of Communication Channel to Intended Endpoints", title: "CWE-923", }, { category: "general", text: "Access of Uninitialized Pointer", title: "CWE-824", }, { category: "general", text: "Authentication Bypass by Primary Weakness", title: "CWE-305", }, { category: "general", text: "Improper Output Neutralization for Logs", title: "CWE-117", }, { category: "general", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, { category: "general", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "general", text: "Protection Mechanism Failure", title: "CWE-693", }, { category: "general", text: "Files or Directories Accessible to External Parties", title: "CWE-552", }, { category: "general", text: "Authentication Bypass by Spoofing", title: "CWE-290", }, { category: "general", text: "Authorization Bypass Through User-Controlled Key", title: "CWE-639", }, { category: "general", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "Missing Authentication for Critical Function", title: "CWE-306", }, { category: "general", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "Use After Free", title: "CWE-416", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "general", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "Stack-based Buffer Overflow", title: "CWE-121", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "Improper Authentication", title: "CWE-287", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-050438.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-073066.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-075201.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-216014.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-280834.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-503939.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-507653.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-515903.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-615740.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-787280.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-858251.pdf", }, ], title: "Kwetsbaarheden verholpen in Siemens producten", tracking: { current_release_date: "2025-03-11T12:30:29.277759Z", generator: { date: "2025-02-25T15:15:00Z", engine: { name: "V.A.", version: "1.0", }, }, id: "NCSC-2025-0077", initial_release_date: "2025-03-11T12:30:29.277759Z", revision_history: [ { date: "2025-03-11T12:30:29.277759Z", number: "1.0.0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459094", }, }, ], category: "product_name", name: "RUGGEDCOM RM1224 LTE(4G) EU", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299123", }, }, ], category: "product_name", name: "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459095", }, }, ], category: "product_name", name: "RUGGEDCOM RM1224 LTE(4G) NAM", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299124", }, }, ], category: "product_name", name: "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/3.x", product: { name: "vers:unknown/3.x", product_id: "CSAFPID-2459491", }, }, { category: "product_version_range", name: "vers:unknown/<v4.0", product: { name: "vers:unknown/<v4.0", product_id: "CSAFPID-2459084", }, }, ], category: "product_name", name: "SCALANCE LPE9403", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459096", }, }, ], category: "product_name", name: "SCALANCE M804PB", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299125", }, }, ], category: "product_name", name: "SCALANCE M804PB (6GK5804-0AP00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299126", }, }, ], category: "product_name", name: "SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299127", }, }, ], category: "product_name", name: "SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459097", }, }, ], category: "product_name", name: "SCALANCE M812-1 ADSL-Router family", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299128", }, }, ], category: "product_name", name: "SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299129", }, }, ], category: "product_name", name: "SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459098", }, }, ], category: "product_name", name: "SCALANCE M816-1 ADSL-Router family", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459099", }, }, ], category: "product_name", name: "SCALANCE M826-2 SHDSL-Router", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299130", }, }, ], category: "product_name", name: "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459100", }, }, ], category: "product_name", name: "SCALANCE M874-2", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299131", }, }, ], category: "product_name", name: "SCALANCE M874-2 (6GK5874-2AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459101", }, }, ], category: "product_name", name: "SCALANCE M874-3", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299132", }, }, ], category: "product_name", name: "SCALANCE M874-3 (6GK5874-3AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459102", }, }, ], category: "product_name", name: "SCALANCE M874-3 3G-Router (CN)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299133", }, }, ], category: "product_name", name: "SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459103", }, }, ], category: "product_name", name: "SCALANCE M876-3", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299134", }, }, ], category: "product_name", name: "SCALANCE M876-3 (6GK5876-3AA02-2BA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459104", }, }, ], category: "product_name", name: "SCALANCE M876-3 (ROK)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299135", }, }, ], category: "product_name", name: "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459105", }, }, ], category: "product_name", name: "SCALANCE M876-4", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299136", }, }, ], category: "product_name", name: "SCALANCE M876-4 (6GK5876-4AA10-2BA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459106", }, }, ], category: "product_name", name: "SCALANCE M876-4 (EU)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299137", }, }, ], category: "product_name", name: "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459107", }, }, ], category: "product_name", name: "SCALANCE M876-4 (NAM)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299138", }, }, ], category: "product_name", name: "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459108", }, }, ], category: "product_name", name: "SCALANCE MUB852-1 (A1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459109", }, }, ], category: "product_name", name: "SCALANCE MUB852-1 (B1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459110", }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (A1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299139", }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459111", }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (B1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299140", }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459112", }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (EU)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299141", }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459113", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (A1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299142", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459114", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (B1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299143", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459115", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (CN)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299144", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459116", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (EU)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299145", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459117", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (RoW)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299146", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459118", }, }, ], category: "product_name", name: "SCALANCE S615 EEC LAN-Router", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299147", }, }, ], category: "product_name", name: "SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459119", }, }, ], category: "product_name", name: "SCALANCE S615 LAN-Router", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299148", }, }, ], category: "product_name", name: "SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459120", }, }, ], category: "product_name", name: "SCALANCE SC-600 family", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459042", }, }, ], category: "product_name", name: "SIMATIC Field PG M5", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v26.01.12", product: { name: "vers:unknown/<v26.01.12", product_id: "CSAFPID-2459077", }, }, ], category: "product_name", name: "SIMATIC Field PG M6", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v31.01.07", product: { name: "vers:unknown/<v31.01.07", product_id: "CSAFPID-2459043", }, }, ], category: "product_name", name: "SIMATIC IPC BX-21A", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v29.01.07", product: { name: "vers:unknown/<v29.01.07", product_id: "CSAFPID-2459044", }, }, ], category: "product_name", name: "SIMATIC IPC BX-32A", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v29.01.07", product: { name: "vers:unknown/<v29.01.07", product_id: "CSAFPID-2459045", }, }, ], category: "product_name", name: "SIMATIC IPC BX-39A", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v32.01.04", product: { name: "vers:unknown/<v32.01.04", product_id: "CSAFPID-2459046", }, }, ], category: "product_name", name: "SIMATIC IPC BX-59A", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v29.01.07", product: { name: "vers:unknown/<v29.01.07", product_id: "CSAFPID-2459047", }, }, ], category: "product_name", name: "SIMATIC IPC PX-32A", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v29.01.07", product: { name: "vers:unknown/<v29.01.07", product_id: "CSAFPID-2459048", }, }, ], category: "product_name", name: "SIMATIC IPC PX-39A", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v29.01.07", product: { name: "vers:unknown/<v29.01.07", product_id: "CSAFPID-2459049", }, }, ], category: "product_name", name: "SIMATIC IPC PX-39A PRO", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459050", }, }, ], category: "product_name", name: "SIMATIC IPC RC-543B", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459051", }, }, ], category: "product_name", name: "SIMATIC IPC RW-543A", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459052", }, }, ], category: "product_name", name: "SIMATIC IPC127E", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459053", }, }, ], category: "product_name", name: "SIMATIC IPC227E", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459054", }, }, ], category: "product_name", name: "SIMATIC IPC227G", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459055", }, }, ], category: "product_name", name: "SIMATIC IPC277E", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459056", }, }, ], category: "product_name", name: "SIMATIC IPC277G", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459058", }, }, ], category: "product_name", name: "SIMATIC IPC3000 SMART V3", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459059", }, }, ], category: "product_name", name: "SIMATIC IPC327G", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459060", }, }, ], category: "product_name", name: "SIMATIC IPC347G", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459061", }, }, ], category: "product_name", name: "SIMATIC IPC377G", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459062", }, }, ], category: "product_name", name: "SIMATIC IPC427E", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459063", }, }, ], category: "product_name", name: "SIMATIC IPC477E", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459064", }, }, ], category: "product_name", name: "SIMATIC IPC477E PRO", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459065", }, }, ], category: "product_name", name: "SIMATIC IPC527G", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v25.02.15", product: { name: "vers:unknown/<v25.02.15", product_id: "CSAFPID-2459066", }, }, ], category: "product_name", name: "SIMATIC IPC627E", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v25.02.15", product: { name: "vers:unknown/<v25.02.15", product_id: "CSAFPID-2459067", }, }, ], category: "product_name", name: "SIMATIC IPC647E", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v25.02.15", product: { name: "vers:unknown/<v25.02.15", product_id: "CSAFPID-2459068", }, }, ], category: "product_name", name: "SIMATIC IPC677E", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v25.02.15", product: { name: "vers:unknown/<v25.02.15", product_id: "CSAFPID-2459069", }, }, ], category: "product_name", name: "SIMATIC IPC847E", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459070", }, }, ], category: "product_name", name: "SIMATIC ITP1000", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459057", }, }, ], category: "product_name", name: "SIMATIC IPC277G PRO", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459093", }, }, ], category: "product_name", name: "SINAMICS S200", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v6.4.8", product: { name: "vers:unknown/<v6.4.8", product_id: "CSAFPID-2459089", }, }, { category: "product_version_range", name: "vers:unknown/<v6.4.9", product: { name: "vers:unknown/<v6.4.9", product_id: "CSAFPID-2459082", }, }, ], category: "product_name", name: "SiPass integrated AC5102 (ACC-G2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/6.4.0", product: { name: "vers:unknown/6.4.0", product_id: "CSAFPID-2459482", }, }, { category: "product_version_range", name: "vers:unknown/6.4.1", product: { name: "vers:unknown/6.4.1", product_id: "CSAFPID-2459483", }, }, { category: "product_version_range", name: "vers:unknown/6.4.2", product: { name: "vers:unknown/6.4.2", product_id: "CSAFPID-2459484", }, }, { category: "product_version_range", name: "vers:unknown/6.4.3", product: { name: "vers:unknown/6.4.3", product_id: "CSAFPID-2459485", }, }, { category: "product_version_range", name: "vers:unknown/6.4.4", product: { name: "vers:unknown/6.4.4", product_id: "CSAFPID-2459486", }, }, { category: "product_version_range", name: "vers:unknown/6.4.5", product: { name: "vers:unknown/6.4.5", product_id: "CSAFPID-2459487", }, }, { category: "product_version_range", name: "vers:unknown/6.4.6", product: { name: "vers:unknown/6.4.6", product_id: "CSAFPID-2459488", }, }, { category: "product_version_range", name: "vers:unknown/6.4.7", product: { name: "vers:unknown/6.4.7", product_id: "CSAFPID-2459489", }, }, { category: "product_version_range", name: "vers:unknown/6.4.8", product: { name: "vers:unknown/6.4.8", product_id: "CSAFPID-2459490", }, }, ], category: "product_name", name: "SiPass integrated AC5102, SiPass integrated ACC-AP", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v6.4.8", product: { name: "vers:unknown/<v6.4.8", product_id: "CSAFPID-2459090", }, }, { category: "product_version_range", name: "vers:unknown/<v6.4.9", product: { name: "vers:unknown/<v6.4.9", product_id: "CSAFPID-2459083", }, }, ], category: "product_name", name: "SiPass integrated ACC-AP", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v14.3.0.13", product: { name: "vers:unknown/<v14.3.0.13", product_id: "CSAFPID-2459071", }, }, ], category: "product_name", name: "Teamcenter Visualization V14.3", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v2312.0009", product: { name: "vers:unknown/<v2312.0009", product_id: "CSAFPID-2459072", }, }, ], category: "product_name", name: "Teamcenter Visualization V2312", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v2406.0007", product: { name: "vers:unknown/<v2406.0007", product_id: "CSAFPID-2459073", }, }, ], category: "product_name", name: "Teamcenter Visualization V2406", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v2412.0002", product: { name: "vers:unknown/<v2412.0002", product_id: "CSAFPID-2459074", }, }, ], category: "product_name", name: "Teamcenter Visualization V2412", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v2302.0021", product: { name: "vers:unknown/<v2302.0021", product_id: "CSAFPID-2459075", }, }, ], category: "product_name", name: "Tecnomatix Plant Simulation V2302", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v2404.0010", product: { name: "vers:unknown/<v2404.0010", product_id: "CSAFPID-2459076", }, }, ], category: "product_name", name: "Tecnomatix Plant Simulation V2404", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2024-1305", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-1305", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1305.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-1305", }, { cve: "CVE-2024-4877", product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-4877", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4877.json", }, ], title: "CVE-2024-4877", }, { cve: "CVE-2024-5594", cwe: { id: "CWE-117", name: "Improper Output Neutralization for Logs", }, notes: [ { category: "other", text: "Improper Output Neutralization for Logs", title: "CWE-117", }, { category: "other", text: "Improper Validation of Specified Type of Input", title: "CWE-1287", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-5594", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5594.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-5594", }, { cve: "CVE-2024-24974", cwe: { id: "CWE-923", name: "Improper Restriction of Communication Channel to Intended Endpoints", }, notes: [ { category: "other", text: "Improper Restriction of Communication Channel to Intended Endpoints", title: "CWE-923", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-24974", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24974.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-24974", }, { cve: "CVE-2024-27459", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "other", text: "Stack-based Buffer Overflow", title: "CWE-121", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-27459", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27459.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-27459", }, { cve: "CVE-2024-27903", cwe: { id: "CWE-283", name: "Unverified Ownership", }, notes: [ { category: "other", text: "Unverified Ownership", title: "CWE-283", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-27903", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27903.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-27903", }, { cve: "CVE-2024-28882", cwe: { id: "CWE-772", name: "Missing Release of Resource after Effective Lifetime", }, notes: [ { category: "other", text: "Missing Release of Resource after Effective Lifetime", title: "CWE-772", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-28882", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28882.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-28882", }, { cve: "CVE-2024-41046", product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-41046", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41046.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-41046", }, { cve: "CVE-2024-41049", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-41049", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41049.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-41049", }, { cve: "CVE-2024-41055", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-41055", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41055.json", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-41055", }, { cve: "CVE-2024-42154", cwe: { id: "CWE-130", name: "Improper Handling of Length Parameter Inconsistency", }, notes: [ { category: "other", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-42154", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42154.json", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-42154", }, { cve: "CVE-2024-42161", cwe: { id: "CWE-824", name: "Access of Uninitialized Pointer", }, notes: [ { category: "other", text: "Access of Uninitialized Pointer", title: "CWE-824", }, { category: "general", text: "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-42161", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42161.json", }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-42161", }, { cve: "CVE-2024-42512", cwe: { id: "CWE-639", name: "Authorization Bypass Through User-Controlled Key", }, notes: [ { category: "other", text: "Authorization Bypass Through User-Controlled Key", title: "CWE-639", }, { category: "other", text: "Observable Timing Discrepancy", title: "CWE-208", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-42512", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42512.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-42512", }, { cve: "CVE-2024-42513", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, notes: [ { category: "other", text: "Authentication Bypass by Spoofing", title: "CWE-290", }, { category: "other", text: "Authentication Bypass by Primary Weakness", title: "CWE-305", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-42513", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42513.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-42513", }, { cve: "CVE-2024-52285", cwe: { id: "CWE-306", name: "Missing Authentication for Critical Function", }, notes: [ { category: "other", text: "Missing Authentication for Critical Function", title: "CWE-306", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-52285", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52285.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-52285", }, { cve: "CVE-2024-56181", cwe: { id: "CWE-693", name: "Protection Mechanism Failure", }, notes: [ { category: "other", text: "Protection Mechanism Failure", title: "CWE-693", }, { category: "general", text: "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-56181", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56181.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-56181", }, { cve: "CVE-2024-56182", cwe: { id: "CWE-693", name: "Protection Mechanism Failure", }, notes: [ { category: "other", text: "Protection Mechanism Failure", title: "CWE-693", }, { category: "general", text: "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-56182", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56182.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-56182", }, { cve: "CVE-2024-56336", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "other", text: "Improper Authentication", title: "CWE-287", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-56336", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56336.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-56336", }, { cve: "CVE-2025-23384", cwe: { id: "CWE-187", name: "Partial String Comparison", }, notes: [ { category: "other", text: "Partial String Comparison", title: "CWE-187", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-23384", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23384.json", }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-23384", }, { cve: "CVE-2025-23396", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-23396", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23396.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-23396", }, { cve: "CVE-2025-23397", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-23397", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23397.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-23397", }, { cve: "CVE-2025-23398", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-23398", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23398.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-23398", }, { cve: "CVE-2025-23399", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-23399", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23399.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-23399", }, { cve: "CVE-2025-23400", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-23400", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23400.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-23400", }, { cve: "CVE-2025-23401", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-23401", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23401.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-23401", }, { cve: "CVE-2025-23402", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-23402", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23402.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-23402", }, { cve: "CVE-2025-25266", cwe: { id: "CWE-552", name: "Files or Directories Accessible to External Parties", }, notes: [ { category: "other", text: "Files or Directories Accessible to External Parties", title: "CWE-552", }, { category: "general", text: "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-25266", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-25266.json", }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-25266", }, { cve: "CVE-2025-25267", cwe: { id: "CWE-552", name: "Files or Directories Accessible to External Parties", }, notes: [ { category: "other", text: "Files or Directories Accessible to External Parties", title: "CWE-552", }, { category: "general", text: "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-25267", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-25267.json", }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-25267", }, { cve: "CVE-2025-27392", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27392", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27392.json", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-27392", }, { cve: "CVE-2025-27393", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27393", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27393.json", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-27393", }, { cve: "CVE-2025-27394", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27394", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27394.json", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-27394", }, { cve: "CVE-2025-27395", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27395", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27395.json", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-27395", }, { cve: "CVE-2025-27396", cwe: { id: "CWE-273", name: "Improper Check for Dropped Privileges", }, notes: [ { category: "other", text: "Improper Check for Dropped Privileges", title: "CWE-273", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27396", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27396.json", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-27396", }, { cve: "CVE-2025-27397", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27397", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27397.json", }, ], title: "CVE-2025-27397", }, { cve: "CVE-2025-27398", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27398", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27398.json", }, ], title: "CVE-2025-27398", }, { cve: "CVE-2025-27438", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27438", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27438.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-27438", }, { cve: "CVE-2025-27493", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27493", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27493.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-27493", }, { cve: "CVE-2025-27494", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Improper Authentication", title: "CWE-287", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27494", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27494.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-27494", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.