From aef45f9bf84a4154805964a7acc427003159d523 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 3 Apr 2024 14:00:35 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/5xxx/CVE-2023-5178.json | 19 ++++-- 2024/0xxx/CVE-2024-0394.json | 85 +++++++++++++++++++++++++-- 2024/1xxx/CVE-2024-1394.json | 14 ++--- 2024/21xxx/CVE-2024-21870.json | 78 +++++++++++++++++++++++-- 2024/22xxx/CVE-2024-22178.json | 78 +++++++++++++++++++++++-- 2024/24xxx/CVE-2024-24976.json | 78 +++++++++++++++++++++++-- 2024/27xxx/CVE-2024-27201.json | 78 +++++++++++++++++++++++-- 2024/31xxx/CVE-2024-31419.json | 104 +++++++++++++++++++++++++++++++-- 2024/3xxx/CVE-2024-3259.json | 100 +++++++++++++++++++++++++++++-- 9 files changed, 592 insertions(+), 42 deletions(-) diff --git a/2023/5xxx/CVE-2023-5178.json b/2023/5xxx/CVE-2023-5178.json index 346e2ee8936..f003aa340b3 100644 --- a/2023/5xxx/CVE-2023-5178.json +++ b/2023/5xxx/CVE-2023-5178.json @@ -174,6 +174,12 @@ ], "defaultStatus": "affected" } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unaffected" + } } ] } @@ -625,6 +631,11 @@ "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2024:1269" }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:1278", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2024:1278" + }, { "url": "https://access.redhat.com/security/cve/CVE-2023-5178", "refsource": "MISC", @@ -664,14 +675,14 @@ "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL", + "baseScore": 8.8, + "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "privilegesRequired": "NONE", + "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } ] diff --git a/2024/0xxx/CVE-2024-0394.json b/2024/0xxx/CVE-2024-0394.json index d5947265266..18e5aac3dc9 100644 --- a/2024/0xxx/CVE-2024-0394.json +++ b/2024/0xxx/CVE-2024-0394.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-0394", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@rapid7.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Rapid7 Minerva Armor versions below 4.5.5 suffer from a privilege escalation vulnerability whereby an authenticated attacker can elevate privileges and execute arbitrary code with SYSTEM privilege.\u00a0 The vulnerability is caused by the product's implementation of OpenSSL's`OPENSSLDIR` parameter where it is set to a path accessible to low-privileged users.\u00a0 The vulnerability has been remediated and fixed in version 4.5.5.\u00a0\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization", + "cweId": "CWE-862" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rapid7", + "product": { + "product_data": [ + { + "product_name": "Minerva", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "4.5.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.rapid7.com/blog/post/2024/04/03/cve-2024-0394-rapid7-minerva-armor-privilege-escalation-fixed/", + "refsource": "MISC", + "name": "https://www.rapid7.com/blog/post/2024/04/03/cve-2024-0394-rapid7-minerva-armor-privilege-escalation-fixed/" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Will Dormann of Vul Labs " + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/1xxx/CVE-2024-1394.json b/2024/1xxx/CVE-2024-1394.json index 6176de8230c..102055a78e3 100644 --- a/2024/1xxx/CVE-2024-1394.json +++ b/2024/1xxx/CVE-2024-1394.json @@ -514,7 +514,7 @@ "x_cve_json_5_version_data": { "versions": [ { - "version": "3:4.2.0-7.2.rhaos4.12.el9", + "version": "3:4.4.1-2.1.rhaos4.12.el8", "lessThan": "*", "versionType": "rpm", "status": "unaffected" @@ -605,7 +605,7 @@ "x_cve_json_5_version_data": { "versions": [ { - "version": "0:1.28.4-8.rhaos4.15.git24f50b9.el8", + "version": "0:1.28.4-8.rhaos4.15.git24f50b9.el9", "lessThan": "*", "versionType": "rpm", "status": "unaffected" @@ -619,7 +619,7 @@ "x_cve_json_5_version_data": { "versions": [ { - "version": "0:1.28.0-3.1.el9", + "version": "0:1.28.0-3.1.el8", "lessThan": "*", "versionType": "rpm", "status": "unaffected" @@ -647,7 +647,7 @@ "x_cve_json_5_version_data": { "versions": [ { - "version": "0:4.15.0-202403211240.p0.g62c4d45.assembly.stream.el9", + "version": "0:4.15.0-202403211240.p0.g62c4d45.assembly.stream.el8", "lessThan": "*", "versionType": "rpm", "status": "unaffected" @@ -934,12 +934,6 @@ "defaultStatus": "unaffected" } }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - }, { "version_value": "not down converted", "x_cve_json_5_version_data": { diff --git a/2024/21xxx/CVE-2024-21870.json b/2024/21xxx/CVE-2024-21870.json index 3b965811c2e..0ec7f994f2e 100644 --- a/2024/21xxx/CVE-2024-21870.json +++ b/2024/21xxx/CVE-2024-21870.json @@ -1,17 +1,87 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-21870", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-73: External Control of File Name or Path", + "cweId": "CWE-73" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Open Automation Software", + "product": { + "product_data": [ + { + "product_name": "OAS Platform", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "V19.00.0057" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1950", + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1950" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Discovered by Jared Rittle of Cisco Talos." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/22xxx/CVE-2024-22178.json b/2024/22xxx/CVE-2024-22178.json index 75544b066a1..cd06793c603 100644 --- a/2024/22xxx/CVE-2024-22178.json +++ b/2024/22xxx/CVE-2024-22178.json @@ -1,17 +1,87 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-22178", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A file write vulnerability exists in the OAS Engine Save Security Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-73: External Control of File Name or Path", + "cweId": "CWE-73" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Open Automation Software", + "product": { + "product_data": [ + { + "product_name": "OAS Platform", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "V19.00.0057" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1951", + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1951" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Discovered by Jared Rittle of Cisco Talos." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/24xxx/CVE-2024-24976.json b/2024/24xxx/CVE-2024-24976.json index 189b59d88a8..ef896631960 100644 --- a/2024/24xxx/CVE-2024-24976.json +++ b/2024/24xxx/CVE-2024-24976.json @@ -1,17 +1,87 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-24976", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A denial of service vulnerability exists in the OAS Engine File Data Source Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can cause the running program to stop. An attacker can send a sequence of requests to trigger this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-130: Improper Handling of Length Parameter Inconsistency ", + "cweId": "CWE-130" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Open Automation Software", + "product": { + "product_data": [ + { + "product_name": "OAS Platform", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "V19.00.0057" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1948", + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1948" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Discovered by Jared Rittle of Cisco Talos." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/27xxx/CVE-2024-27201.json b/2024/27xxx/CVE-2024-27201.json index 9d775247585..b82c044d478 100644 --- a/2024/27xxx/CVE-2024-27201.json +++ b/2024/27xxx/CVE-2024-27201.json @@ -1,17 +1,87 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-27201", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An improper input validation vulnerability exists in the OAS Engine User Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to unexpected data in the configuration. An attacker can send a sequence of requests to trigger this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Open Automation Software", + "product": { + "product_data": [ + { + "product_name": "OAS Platform", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "V19.00.0057" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1949", + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1949" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Discovered by Jared Rittle of Cisco Talos." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/31xxx/CVE-2024-31419.json b/2024/31xxx/CVE-2024-31419.json index 6abc186eb69..999e20fbe93 100644 --- a/2024/31xxx/CVE-2024-31419.json +++ b/2024/31xxx/CVE-2024-31419.json @@ -1,17 +1,113 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-31419", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature was introduced to expose host metrics to virtual machine guests and is enabled by default. This issue could expose limited host metrics of a node to any guest in any namespace without being explicitly enabled by an administrator." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Exposure of Sensitive System Information to an Unauthorized Control Sphere", + "cweId": "CWE-497" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "CNV", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "4.15.1", + "status": "unaffected" + } + ] + } + } + ] + } + } + ] + } + }, + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat OpenShift Virtualization 4", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-31419", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2024-31419" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272948", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2272948" + } + ] + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/3xxx/CVE-2024-3259.json b/2024/3xxx/CVE-2024-3259.json index 192d3b6caeb..e2fe44dad4b 100644 --- a/2024/3xxx/CVE-2024-3259.json +++ b/2024/3xxx/CVE-2024-3259.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3259", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in SourceCodester Internship Portal Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/delete_activity.php. The manipulation of the argument activity_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259108." + }, + { + "lang": "deu", + "value": "In SourceCodester Internship Portal Management System 1.0 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Datei admin/delete_activity.php. Durch die Manipulation des Arguments activity_id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SourceCodester", + "product": { + "product_data": [ + { + "product_name": "Internship Portal Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.259108", + "refsource": "MISC", + "name": "https://vuldb.com/?id.259108" + }, + { + "url": "https://vuldb.com/?ctiid.259108", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.259108" + }, + { + "url": "https://vuldb.com/?submit.309220", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.309220" + }, + { + "url": "https://github.com/thisissuperann/Vul/blob/main/Internship-Portal-Management-System-09", + "refsource": "MISC", + "name": "https://github.com/thisissuperann/Vul/blob/main/Internship-Portal-Management-System-09" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "liuann (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 6.5, + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] }