diff --git a/2023/40xxx/CVE-2023-40159.json b/2023/40xxx/CVE-2023-40159.json
index bc81459cdd6..f13d1eba4d2 100644
--- a/2023/40xxx/CVE-2023-40159.json
+++ b/2023/40xxx/CVE-2023-40159.json
@@ -5,109 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2023-40159",
"ASSIGNER": "ics-cert@hq.dhs.gov",
- "STATE": "PUBLIC"
+ "STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "A validated user not explicitly authorized to have access to certain sensitive information could access Philips Vue PACS on the same network to expose that information."
- }
- ]
- },
- "problemtype": {
- "problemtype_data": [
- {
- "description": [
- {
- "lang": "eng",
- "value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
- "cweId": "CWE-200"
- }
- ]
- }
- ]
- },
- "affects": {
- "vendor": {
- "vendor_data": [
- {
- "vendor_name": "Philips",
- "product": {
- "product_data": [
- {
- "product_name": "Vue PACS",
- "version": {
- "version_data": [
- {
- "version_affected": "<",
- "version_name": "0",
- "version_value": "12.2.8.410"
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- },
- "references": {
- "reference_data": [
- {
- "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-200-01",
- "refsource": "MISC",
- "name": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-200-01"
- },
- {
- "url": "http://www.philips.com/productsecurity",
- "refsource": "MISC",
- "name": "http://www.philips.com/productsecurity"
- }
- ]
- },
- "generator": {
- "engine": "Vulnogram 0.2.0"
- },
- "source": {
- "advisory": "ICSMA-24-200-01",
- "discovery": "EXTERNAL"
- },
- "solution": [
- {
- "lang": "en",
- "supportingMedia": [
- {
- "base64": false,
- "type": "text/html",
- "value": "Philips recommends upgrading to the latest Vue PACS version 12.2.8.400* released in August 2023.
For managed services customers, new releases will be made available upon resource availability. Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact their local Philips Sales representative or submit a request in the Philips Informatics Support portal.
Refer to the Philips advisory for more details.
\n\n
"
- }
- ],
- "value": "Philips recommends upgrading to the latest Vue PACS version 12.2.8.400* released in August 2023.\nFor managed services customers, new releases will be made available upon resource availability. Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact their local Philips Sales representative or submit a request in the Philips Informatics Support portal https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/www.informatics.support.philips.com/csm .\n\nRefer to the Philips advisory http://www.philips.com/productsecurity \u00a0for more details."
- }
- ],
- "credits": [
- {
- "lang": "en",
- "value": "TAS Health NZ and Camiel van Es reported these vulnerabilities to Philips."
- }
- ],
- "impact": {
- "cvss": [
- {
- "attackComplexity": "LOW",
- "attackVector": "NETWORK",
- "availabilityImpact": "NONE",
- "baseScore": 8.2,
- "baseSeverity": "HIGH",
- "confidentialityImpact": "LOW",
- "integrityImpact": "HIGH",
- "privilegesRequired": "NONE",
- "scope": "UNCHANGED",
- "userInteraction": "NONE",
- "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
- "version": "3.1"
+ "value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
}
diff --git a/2023/40xxx/CVE-2023-40223.json b/2023/40xxx/CVE-2023-40223.json
index ad3bf9c54cc..d1ffb57c0d5 100644
--- a/2023/40xxx/CVE-2023-40223.json
+++ b/2023/40xxx/CVE-2023-40223.json
@@ -5,109 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2023-40223",
"ASSIGNER": "ics-cert@hq.dhs.gov",
- "STATE": "PUBLIC"
+ "STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "Philips Vue PACS does not properly assign, modify, track, or check actor privileges, creating an unintended sphere of control for that actor."
- }
- ]
- },
- "problemtype": {
- "problemtype_data": [
- {
- "description": [
- {
- "lang": "eng",
- "value": "CWE-269 Improper Privilege Management",
- "cweId": "CWE-269"
- }
- ]
- }
- ]
- },
- "affects": {
- "vendor": {
- "vendor_data": [
- {
- "vendor_name": "Philips",
- "product": {
- "product_data": [
- {
- "product_name": "Vue PACS",
- "version": {
- "version_data": [
- {
- "version_affected": "<",
- "version_name": "0",
- "version_value": "12.2.8.410"
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- },
- "references": {
- "reference_data": [
- {
- "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-200-01",
- "refsource": "MISC",
- "name": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-200-01"
- },
- {
- "url": "http://www.philips.com/productsecurity",
- "refsource": "MISC",
- "name": "http://www.philips.com/productsecurity"
- }
- ]
- },
- "generator": {
- "engine": "Vulnogram 0.2.0"
- },
- "source": {
- "advisory": "ICSMA-24-200-01",
- "discovery": "EXTERNAL"
- },
- "solution": [
- {
- "lang": "en",
- "supportingMedia": [
- {
- "base64": false,
- "type": "text/html",
- "value": "Philips recommends upgrading to the latest Vue PACS version 12.2.8.400* released in August 2023.
For managed services customers, new releases will be made available upon resource availability. Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact their local Philips Sales representative or submit a request in the Philips Informatics Support portal.
Refer to the Philips advisory for more details.
\n\n
"
- }
- ],
- "value": "Philips recommends upgrading to the latest Vue PACS version 12.2.8.400* released in August 2023.\nFor managed services customers, new releases will be made available upon resource availability. Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact their local Philips Sales representative or submit a request in the Philips Informatics Support portal https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/www.informatics.support.philips.com/csm .\n\nRefer to the Philips advisory http://www.philips.com/productsecurity \u00a0for more details."
- }
- ],
- "credits": [
- {
- "lang": "en",
- "value": "TAS Health NZ and Camiel van Es reported these vulnerabilities to Philips."
- }
- ],
- "impact": {
- "cvss": [
- {
- "attackComplexity": "LOW",
- "attackVector": "LOCAL",
- "availabilityImpact": "NONE",
- "baseScore": 4.4,
- "baseSeverity": "MEDIUM",
- "confidentialityImpact": "LOW",
- "integrityImpact": "LOW",
- "privilegesRequired": "LOW",
- "scope": "UNCHANGED",
- "userInteraction": "NONE",
- "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
- "version": "3.1"
+ "value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
}
diff --git a/2023/40xxx/CVE-2023-40539.json b/2023/40xxx/CVE-2023-40539.json
index 32e150286f7..d0ec0a98780 100644
--- a/2023/40xxx/CVE-2023-40539.json
+++ b/2023/40xxx/CVE-2023-40539.json
@@ -5,109 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2023-40539",
"ASSIGNER": "ics-cert@hq.dhs.gov",
- "STATE": "PUBLIC"
+ "STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "Philips Vue PACS does not require that users have strong passwords, which could make it easier for attackers to compromise user accounts."
- }
- ]
- },
- "problemtype": {
- "problemtype_data": [
- {
- "description": [
- {
- "lang": "eng",
- "value": "CWE-521 Weak Password Requirements",
- "cweId": "CWE-521"
- }
- ]
- }
- ]
- },
- "affects": {
- "vendor": {
- "vendor_data": [
- {
- "vendor_name": "Philips",
- "product": {
- "product_data": [
- {
- "product_name": "Vue PACS",
- "version": {
- "version_data": [
- {
- "version_affected": "<",
- "version_name": "0",
- "version_value": "12.2.8.410"
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- },
- "references": {
- "reference_data": [
- {
- "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-200-01",
- "refsource": "MISC",
- "name": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-200-01"
- },
- {
- "url": "http://www.philips.com/productsecurity",
- "refsource": "MISC",
- "name": "http://www.philips.com/productsecurity"
- }
- ]
- },
- "generator": {
- "engine": "Vulnogram 0.2.0"
- },
- "source": {
- "advisory": "ICSMA-24-200-01",
- "discovery": "EXTERNAL"
- },
- "solution": [
- {
- "lang": "en",
- "supportingMedia": [
- {
- "base64": false,
- "type": "text/html",
- "value": "Philips recommends configuring the Vue PACS environment per 8G7607 \u2013 Vue PACS User Guide Rev G available on Incenter.For managed services customers, new releases will be made available upon resource availability. Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact their local Philips Sales representative or submit a request in the Philips Informatics Support portal.
Refer to the Philips advisory for more details.
\n\n
"
- }
- ],
- "value": "Philips recommends configuring the Vue PACS environment per 8G7607 \u2013 Vue PACS User Guide Rev G available on Incenter http://incenter.medical.philips.com/Default.aspx .For managed services customers, new releases will be made available upon resource availability. Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact their local Philips Sales representative or submit a request in the Philips Informatics Support portal https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/www.informatics.support.philips.com/csm .\n\nRefer to the Philips advisory http://www.philips.com/productsecurity \u00a0for more details."
- }
- ],
- "credits": [
- {
- "lang": "en",
- "value": "TAS Health NZ and Camiel van Es reported these vulnerabilities to Philips."
- }
- ],
- "impact": {
- "cvss": [
- {
- "attackComplexity": "LOW",
- "attackVector": "LOCAL",
- "availabilityImpact": "NONE",
- "baseScore": 4.4,
- "baseSeverity": "MEDIUM",
- "confidentialityImpact": "LOW",
- "integrityImpact": "LOW",
- "privilegesRequired": "LOW",
- "scope": "UNCHANGED",
- "userInteraction": "NONE",
- "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
- "version": "3.1"
+ "value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
}
diff --git a/2023/40xxx/CVE-2023-40704.json b/2023/40xxx/CVE-2023-40704.json
index f74a1a8098b..4e862db699d 100644
--- a/2023/40xxx/CVE-2023-40704.json
+++ b/2023/40xxx/CVE-2023-40704.json
@@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
- "value": "Philips Vue PACS uses default credentials for potentially critical functionality."
+ "value": "The product does not require unique and complex passwords to be created \nduring installation. Using Philips's default password could jeopardize \nthe PACS system if the password was hacked or leaked. An attacker could \ngain access to the database impacting system availability and data \nintegrity."
}
]
},
@@ -81,10 +81,10 @@
{
"base64": false,
"type": "text/html",
- "value": "Philips recommends configuring the Vue PACS environment per 8G7607 \u2013 Vue PACS User Guide Rev G available on Incenter.For managed services customers, new releases will be made available upon resource availability. Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact their local Philips Sales representative or submit a request in the Philips Informatics Support portal.
Refer to the Philips advisory for more details.
\n\n
"
+ "value": "Philips recommends the following mitigations:
\n\n- For CVE-2021-28165, Philips recommends configuring the Vue PACS \nenvironment per D000763414 \u2013 Vue_PACS_12_Ports_Protocols_Services_Guide \navailable on Incenter. Vue PACS version 12.2.8.410* released in October 2023 prevents this vulnerability.
\n- For CVE-2023-40704, Philips recommends no action needed due to low \nrisk of exploitability, but customers can request that Philips update \ndatabase password(s).
\n
\nFor managed services users, new releases will be made available upon \nresource availability. Releases are subject to country specific \nregulations. Users with questions regarding their specific Philips Vue \nPACS installations and new release eligibility should contact their \nlocal Philips sales representative or submit a request in the Philips Informatics Support portal.
\nRefer to the Philips advisory for more details.\n\n
"
}
],
- "value": "Philips recommends configuring the Vue PACS environment per 8G7607 \u2013 Vue PACS User Guide Rev G available on Incenter http://incenter.medical.philips.com/Default.aspx .For managed services customers, new releases will be made available upon resource availability. Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact their local Philips Sales representative or submit a request in the Philips Informatics Support portal https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/www.informatics.support.philips.com/csm .\n\nRefer to the Philips advisory http://www.philips.com/productsecurity \u00a0for more details."
+ "value": "Philips recommends the following mitigations:\n\n\n\n * For CVE-2021-28165, Philips recommends configuring the Vue PACS \nenvironment per D000763414 \u2013 Vue_PACS_12_Ports_Protocols_Services_Guide \navailable on Incenter https://incenter.medical.philips.com/Default.aspx . Vue PACS version 12.2.8.410* released in October 2023 prevents this vulnerability.\n\n * For CVE-2023-40704, Philips recommends no action needed due to low \nrisk of exploitability, but customers can request that Philips update \ndatabase password(s).\n\n\n\n\nFor managed services users, new releases will be made available upon \nresource availability. Releases are subject to country specific \nregulations. Users with questions regarding their specific Philips Vue \nPACS installations and new release eligibility should contact their \nlocal Philips sales representative or submit a request in the Philips Informatics Support portal https://www.informatics.support.philips.com/csm .\n\n\nRefer to the Philips advisory https://www.philips.com/productsecurity for more details."
}
],
"credits": [
@@ -97,16 +97,16 @@
"cvss": [
{
"attackComplexity": "LOW",
- "attackVector": "LOCAL",
- "availabilityImpact": "NONE",
- "baseScore": 7.1,
- "baseSeverity": "HIGH",
+ "attackVector": "ADJACENT_NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 6.8,
+ "baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
- "privilegesRequired": "LOW",
+ "privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
- "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
+ "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
diff --git a/2025/29xxx/CVE-2025-29018.json b/2025/29xxx/CVE-2025-29018.json
index b5e4c24422d..3c061e6f075 100644
--- a/2025/29xxx/CVE-2025-29018.json
+++ b/2025/29xxx/CVE-2025-29018.json
@@ -1,17 +1,61 @@
{
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
- "ID": "CVE-2025-29018",
"ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ID": "CVE-2025-29018",
+ "STATE": "PUBLIC"
},
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "A Stored Cross-Site Scripting (XSS) vulnerability exists in the name parameter of pages_add_acc_type.php in Code Astro Internet Banking System 2.0.0."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "name": "https://github.com/b1tm4r/CVE-2025-29018",
+ "url": "https://github.com/b1tm4r/CVE-2025-29018"
}
]
}
diff --git a/2025/2xxx/CVE-2025-2786.json b/2025/2xxx/CVE-2025-2786.json
index 1e04e39bbcc..1ee18211f1e 100644
--- a/2025/2xxx/CVE-2025-2786.json
+++ b/2025/2xxx/CVE-2025-2786.json
@@ -44,7 +44,21 @@
"x_cve_json_5_version_data": {
"versions": [
{
- "version": "sha256:cbe0df797c34aebfec911c281fbfee9fe7713a4c45d778ae480cd6a7bcab202e",
+ "version": "sha256:29c1be152c9b2ca9fa8af25a10f156f8731b8396e8b2bc82d6b398a5e5027fdf",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "sha256:e0e3273eceb8339638f2f1d91bb5eb6a57cfc0bc1442fcdea5fcff36812ccb4c",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@@ -106,6 +120,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:3607"
},
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2025:3740",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2025:3740"
+ },
{
"url": "https://access.redhat.com/security/cve/CVE-2025-2786",
"refsource": "MISC",
diff --git a/2025/2xxx/CVE-2025-2842.json b/2025/2xxx/CVE-2025-2842.json
index fbdabbfca3f..d308a65f0fc 100644
--- a/2025/2xxx/CVE-2025-2842.json
+++ b/2025/2xxx/CVE-2025-2842.json
@@ -44,7 +44,21 @@
"x_cve_json_5_version_data": {
"versions": [
{
- "version": "sha256:cbe0df797c34aebfec911c281fbfee9fe7713a4c45d778ae480cd6a7bcab202e",
+ "version": "sha256:29c1be152c9b2ca9fa8af25a10f156f8731b8396e8b2bc82d6b398a5e5027fdf",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "sha256:e0e3273eceb8339638f2f1d91bb5eb6a57cfc0bc1442fcdea5fcff36812ccb4c",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@@ -106,6 +120,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:3607"
},
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2025:3740",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2025:3740"
+ },
{
"url": "https://access.redhat.com/security/cve/CVE-2025-2842",
"refsource": "MISC",
diff --git a/2025/30xxx/CVE-2025-30654.json b/2025/30xxx/CVE-2025-30654.json
index f919592c758..9ea7d81b4ce 100644
--- a/2025/30xxx/CVE-2025-30654.json
+++ b/2025/30xxx/CVE-2025-30654.json
@@ -1,17 +1,183 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-30654",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "sirt@juniper.net",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the User Interface (UI) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged, authenticated attacker with access to the CLI to access sensitive information.\u00a0\n\nThrough the execution of a specific show mgd command, a user with limited permissions (e.g., a low-privileged login class user) can access sensitive information such as hashed passwords,\u00a0that can be used to further impact the system.\n\n\nThis issue affects Junos OS:\u00a0 * All versions before 21.4R3-S10,\n * from 22.2 before 22.2R3-S5,\n * from 22.4 before 22.4R3-S5,\u00a0\n * from 23.2 before 23.2R2-S3,\u00a0\n * from 23.4 before 23.4R2-S3.\n\n\n\n\n\nJunos OS Evolved:\u00a0\n\n * All versions before 21.4R3-S10-EVO,\n * from 22.2-EVO before 22.2R3-S6-EVO,\u00a0\n * from 22.4-EVO before 22.4R3-S5-EVO,\u00a0\n * from 23.2-EVO before 23.2R2-S3-EVO,\u00a0\n * from 23.4-EVO before 23.4R2-S3-EVO."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
+ "cweId": "CWE-200"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Juniper Networks",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Junos OS",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "21.4R3-S10"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "22.2",
+ "version_value": "22.2R3-S5"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "22.4",
+ "version_value": "22.4R3-S5"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "23.2",
+ "version_value": "23.2R2-S3"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "23.4",
+ "version_value": "23.4R2-S3"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Junos OS Evolved",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "21.4R3-S10-EVO"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "22.2-EVO",
+ "version_value": "22.2R3-S6-EVO"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "22.4-EVO",
+ "version_value": "22.4R3-S5-EVO"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "23.2-EVO",
+ "version_value": "23.2R2-S3-EVO"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "23.4-EVO",
+ "version_value": "23.4R2-S3-EVO"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://supportportal.juniper.net/JSA96464",
+ "refsource": "MISC",
+ "name": "https://supportportal.juniper.net/JSA96464"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "advisory": "JSA96464",
+ "defect": [
+ "1807742"
+ ],
+ "discovery": "INTERNAL"
+ },
+ "work_around": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.
"
+ }
+ ],
+ "value": "Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators."
+ }
+ ],
+ "exploit": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
+ }
+ ],
+ "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
+ }
+ ],
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "The following software releases have been updated to resolve this specific issue:
Junos OS: 21.4R3-S10, 22.2R3-S6, 22.4R3-S5, 23.2R2-S3, 23.4R2-S3, 24.2R1, and all subsequent releases.
Junos OS Evolved: 22.4R3-S5-EVO, 23.2R2-S3-EVO, 23.4R2-S3-EVO, 24.2R1-EVO, and all subsequent releases.
"
+ }
+ ],
+ "value": "The following software releases have been updated to resolve this specific issue:\n\nJunos OS: 21.4R3-S10, 22.2R3-S6, 22.4R3-S5, 23.2R2-S3,\u00a023.4R2-S3, 24.2R1, and all subsequent releases.\n\nJunos OS Evolved: 22.4R3-S5-EVO, 23.2R2-S3-EVO,\u00a023.4R2-S3-EVO, 24.2R1-EVO,\u00a0and all subsequent releases."
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "LOCAL",
+ "availabilityImpact": "NONE",
+ "baseScore": 5.5,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "LOW",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
+ "version": "3.1"
}
]
}
diff --git a/2025/30xxx/CVE-2025-30655.json b/2025/30xxx/CVE-2025-30655.json
index d8f165dbf53..5045f9cc677 100644
--- a/2025/30xxx/CVE-2025-30655.json
+++ b/2025/30xxx/CVE-2025-30655.json
@@ -1,17 +1,206 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-30655",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "sirt@juniper.net",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to cause a Denial-of-Service (DoS).\n\nWhen a specific \"show bgp neighbor\" CLI command\u00a0is run, the rpd cpu utilization rises and eventually causes a crash and restart. Repeated use of this command will cause a sustained DoS condition.\u00a0\n\nThe device is only affected if BGP RIB sharding and update-threading is enabled.\nThis issue affects Junos OS:\u00a0\n\n\n\n * All versions before 21.2R3-S9,\u00a0\n * from 21.4 before 21.4R3-S8,\n * from 22.2 before 22.2R3-S6,\u00a0\n * from 22.4 before 22.4R3-S2,\u00a0\n * from 23.2 before 23.2R2-S3,\u00a0\n * from 23.4 before 23.4R2.\n\n\nand Junos OS Evolved:\u00a0\n\n\n\n * All versions before 21.2R3-S9-EVO,\u00a0\n * from 21.4-EVO before 21.4R3-S8-EVO,\u00a0\n * from 22.2-EVO before 22.2R3-S6-EVO,\u00a0\n * from 22.4-EVO before 22.4R3-S2-EVO,\u00a0\n * from 23.2-EVO before 23.2R2-S3-EVO,\u00a0\n * from 23.4-EVO before 23.4R2-EVO."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
+ "cweId": "CWE-754"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Juniper Networks",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Junos OS",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "21.2R3-S9"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "21.4",
+ "version_value": "21.4R3-S8"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "22.2",
+ "version_value": "22.2R3-S6"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "22.4",
+ "version_value": "22.4R3-S2"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "23.2",
+ "version_value": "23.2R2-S3"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "23.4",
+ "version_value": "23.4R2"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Junos OS Evolved",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "21.2R3-S9-EVO"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "21.4-EVO",
+ "version_value": "21.4R3-S8-EVO"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "22.2-EVO",
+ "version_value": "22.2R3-S6-EVO"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "22.4-EVO",
+ "version_value": "22.4R3-S2-EVO"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "23.2-EVO",
+ "version_value": "23.2R2-S3-EVO"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "23.4-EVO",
+ "version_value": "23.4R2-EVO"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://supportportal.juniper.net/JSA96465",
+ "refsource": "MISC",
+ "name": "https://supportportal.juniper.net/JSA96465"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "advisory": "JSA96465",
+ "defect": [
+ "1797777"
+ ],
+ "discovery": "INTERNAL"
+ },
+ "configuration": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "The following configuration is required on the device for it to be affected:
[ system processes routing bgp rib-sharding ]
[ system processes routing bgp update-threading ]"
+ }
+ ],
+ "value": "The following configuration is required on the device for it to be affected:\n[ system processes routing bgp rib-sharding ]\n[ system processes routing bgp update-threading ]"
+ }
+ ],
+ "work_around": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "There are no known workarounds for this issue.
Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.
"
+ }
+ ],
+ "value": "There are no known workarounds for this issue.\nUse access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators."
+ }
+ ],
+ "exploit": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
+ }
+ ],
+ "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
+ }
+ ],
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "The following software releases have been updated to resolve this specific issue:
Junos OS Evolved: 21.2R3-S9-EVO, 21.4R3-S8-EVO, 22.2R3-S6-EVO, 22.4R3-S2-EVO, 23.2R2-S3-EVO, 23.4R2-EVO, 24.2R1-EVO.
Junos OS: 21.2R3-S9, 21.4R3-S8, 22.2R3-S6, 22.4R3-S2, 23.2R2-S3, 23.4R2, 24.2R1, and all subsequent releases."
+ }
+ ],
+ "value": "The following software releases have been updated to resolve this specific issue: \nJunos OS Evolved: 21.2R3-S9-EVO, 21.4R3-S8-EVO,\u00a022.2R3-S6-EVO, 22.4R3-S2-EVO, 23.2R2-S3-EVO, 23.4R2-EVO, 24.2R1-EVO.\nJunos OS: 21.2R3-S9, 21.4R3-S8,\u00a022.2R3-S6, 22.4R3-S2, 23.2R2-S3, 23.4R2, 24.2R1, and all subsequent releases."
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "LOCAL",
+ "availabilityImpact": "HIGH",
+ "baseScore": 5.5,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "LOW",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "version": "3.1"
}
]
}
diff --git a/2025/30xxx/CVE-2025-30656.json b/2025/30xxx/CVE-2025-30656.json
index 2b72af450af..52d99eeaf9d 100644
--- a/2025/30xxx/CVE-2025-30656.json
+++ b/2025/30xxx/CVE-2025-30656.json
@@ -1,17 +1,174 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-30656",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "sirt@juniper.net",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "An Improper Handling of Additional Special Element vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MS-MPC, MS-MIC and SPC3, and SRX Series, allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).\n\nIf the SIP ALG processes specifically formatted SIP invites, a memory corruption will occur which will lead to a crash of the FPC processing these packets. Although the system will automatically recover with the restart of the FPC, subsequent SIP invites will cause the crash again and lead to a sustained DoS.\n\n\n\n\nThis issue affects Junos OS on MX Series and SRX Series:\u00a0\n\n * all versions before 21.2R3-S9,\n * 21.4 versions before 21.4R3-S10,\n * 22.2 versions before 22.2R3-S6,\n * 22.4 versions before 22.4R3-S5,\n * 23.2 versions before 23.2R2-S3,\n * 23.4 versions before 23.4R2-S3,\n * 24.2 versions before 24.2R1-S2, 24.2R2."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-167 Improper Handling of Additional Special Element",
+ "cweId": "CWE-167"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Juniper Networks",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Junos OS",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "21.2R3-S9"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "21.4",
+ "version_value": "21.4R3-S10"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "22.2",
+ "version_value": "22.2R3-S6"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "22.4",
+ "version_value": "22.4R3-S5"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "23.2",
+ "version_value": "23.2R2-S3"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "23.4",
+ "version_value": "23.4R2-S3"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "24.2",
+ "version_value": "24.2R1-S2, 24.2R2"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://supportportal.juniper.net/JSA96466",
+ "refsource": "MISC",
+ "name": "https://supportportal.juniper.net/JSA96466"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "advisory": "JSA96466",
+ "defect": [
+ "1833097"
+ ],
+ "discovery": "USER"
+ },
+ "configuration": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "To be affected the SIP ALG needs to be enabled, either implicitly / by default or by way of configuration. Please verify on SRX, and MX with SPC3 with:
user@host> show security alg status | match sip
SIP : Enabled
Please verify on MX whether the following is configured:
[ services ... rule <rule-name> (term <term-name> ) from/match application/application-set <name> ]
where either
a. name = junos-sip or
an application or application-set refers to SIP:
b. [ applications application <name> application-protocol sip ] or
c. [ applications application-set <name> application junos-sip ]\n\n
"
+ }
+ ],
+ "value": "To be affected the SIP ALG needs to be enabled, either implicitly / by default or by way of configuration. Please verify on SRX, and MX with SPC3 with:\n\nuser@host> show security alg status | match sip\nSIP : Enabled\n\n\n\nPlease verify on MX whether the following is configured:\n\n[ services ... rule (term ) from/match application/application-set ]\nwhere either\n\na. name = junos-sip or\nan application or application-set refers to SIP:\n\nb. [ applications application application-protocol sip ] or\nc. [ applications application-set application junos-sip ]"
+ }
+ ],
+ "work_around": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "There are no known workarounds for this issue.
To reduce the risk of exploitation customers not requiring the SIP ALG functionality could explicitly disable it (in case it's by default enabled) by configuring:
[ security alg sip disable\n\n\n\n]"
+ }
+ ],
+ "value": "There are no known workarounds for this issue.\n\nTo reduce the risk of exploitation customers not requiring the SIP ALG functionality could explicitly disable it (in case it's by default enabled) by configuring:\n\n[\u00a0security alg sip disable\n\n\n\n]"
+ }
+ ],
+ "exploit": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
+ }
+ ],
+ "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
+ }
+ ],
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S9, \n\n21.4R3-S10, 22.2R3-S6, 22.4R3-S5, 23.2R2-S3, 23.4R2-S3, 24.2R1-S2, 24.2R2, 24.4R1, and all subsequent releases."
+ }
+ ],
+ "value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S9, \n\n21.4R3-S10, 22.2R3-S6, 22.4R3-S5, 23.2R2-S3, 23.4R2-S3, 24.2R1-S2, 24.2R2, 24.4R1, and all subsequent releases."
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.5,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+ "version": "3.1"
}
]
}
diff --git a/2025/30xxx/CVE-2025-30657.json b/2025/30xxx/CVE-2025-30657.json
index b74ead8444f..c55825951bd 100644
--- a/2025/30xxx/CVE-2025-30657.json
+++ b/2025/30xxx/CVE-2025-30657.json
@@ -1,17 +1,164 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-30657",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "sirt@juniper.net",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon (SRRD) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).\n\nWhen a device configured for flow-monitoring receives a specific BGP update message, it is correctly processed internally by the routing protocol daemon (rpd), but when it's sent to SRRD it's encoded incorrectly which leads to a crash and momentary interruption of jflow processing until it automatically restarts. This issue does not affect traffic forwarding itself.\nThis issue affects Junos OS:\u00a0\n\n\n\n * All versions before 21.2R3-S9,\n * 21.4 versions before 21.4R3-S10,\n * 22.2 versions before 22.2R3-S6,\n * 22.4 versions before 22.4R3,\n * 23.2 versions before 23.2R1-S2, 23.2R2.\n\n\n\nThis issue does not affected Junos OS Evolved."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-116 Improper Encoding or Escaping of Output",
+ "cweId": "CWE-116"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Juniper Networks",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Junos OS",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "21.2R3-S9"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "21.4",
+ "version_value": "21.4R3-S10"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "22.2",
+ "version_value": "22.2R3-S6"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "22.4",
+ "version_value": "22.4R3"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "23.2",
+ "version_value": "23.2R1-S2, 23.2R2"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://supportportal.juniper.net/JSA96467",
+ "refsource": "MISC",
+ "name": "https://supportportal.juniper.net/JSA96467"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "advisory": "JSA96467",
+ "defect": [
+ "1744804"
+ ],
+ "discovery": "INTERNAL"
+ },
+ "configuration": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "For a system to be exposed to this issue flow-monitoring needs to be configured:
[ services flow-monitoring (version-ipfix|version9) ]"
+ }
+ ],
+ "value": "For a system to be exposed to this issue flow-monitoring needs to be configured:\n\n[ services flow-monitoring (version-ipfix|version9) ]"
+ }
+ ],
+ "work_around": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "There are no known workarounds for this issue."
+ }
+ ],
+ "value": "There are no known workarounds for this issue."
+ }
+ ],
+ "exploit": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
+ }
+ ],
+ "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
+ }
+ ],
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3, 23.2R1-S2, 23.2R2, 23.4R1, and all subsequent releases."
+ }
+ ],
+ "value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3, 23.2R1-S2, 23.2R2, 23.4R1, and all subsequent releases."
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "LOW",
+ "baseScore": 5.3,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
+ "version": "3.1"
}
]
}
diff --git a/2025/30xxx/CVE-2025-30658.json b/2025/30xxx/CVE-2025-30658.json
index 974ee090385..62fb04a8b86 100644
--- a/2025/30xxx/CVE-2025-30658.json
+++ b/2025/30xxx/CVE-2025-30658.json
@@ -1,17 +1,174 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-30658",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "sirt@juniper.net",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "A Missing Release of Memory after Effective Lifetime vulnerability in the Anti-Virus processing of Juniper Networks Junos OS on SRX Series \n\nallows an unauthenticated, network-based attacker\u00a0to cause a Denial-of-Service (DoS).\n\nOn all SRX platforms with Anti-Virus enabled, if a server sends specific content in the HTTP body of a response to a client request, these packets are queued by Anti-Virus processing in Juniper Buffers (jbufs) which are never released. When these jbufs are exhausted, the device stops forwarding all transit traffic.\n\nA jbuf memory leak can be noticed from the following logs:\n\n(.) Warning: jbuf pool id <#> utilization level (%) is above %!\n\nTo recover from this issue, the affected device needs to be manually rebooted to free the leaked jbufs.\n\n\n\n\nThis issue affects Junos OS on SRX Series:\u00a0\n\n * all versions before 21.2R3-S9,\n * 21.4 versions before 21.4R3-S10,\n * 22.2 versions before 22.2R3-S6,\n * 22.4 versions before 22.4R3-S6,\n * 23.2 versions before 23.2R2-S3,\n * 23.4 versions before 23.4R2-S3,\n * 24.2 versions before 24.2R2."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-401 Missing Release of Memory after Effective Lifetime",
+ "cweId": "CWE-401"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Juniper Networks",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Junos OS",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "21.2R3-S9"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "21.4",
+ "version_value": "21.4R3-S10"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "22.2",
+ "version_value": "22.2R3-S6"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "22.4",
+ "version_value": "22.4R3-S6"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "23.2",
+ "version_value": "23.2R2-S3"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "23.4",
+ "version_value": "23.4R2-S3"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "24.2",
+ "version_value": "24.2R2"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://supportportal.juniper.net/JSA96469",
+ "refsource": "MISC",
+ "name": "https://supportportal.juniper.net/JSA96469"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "advisory": "JSA96469",
+ "defect": [
+ "1815930"
+ ],
+ "discovery": "USER"
+ },
+ "configuration": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "To be exposed to this issue the device needs to be configured with Anti-Virus:
[ security utm utm-policy <name> anti-virus ]"
+ }
+ ],
+ "value": "To be exposed to this issue the device needs to be configured with Anti-Virus:\n\n[ security utm utm-policy anti-virus ]"
+ }
+ ],
+ "work_around": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "There are no known workarounds for this issue."
+ }
+ ],
+ "value": "There are no known workarounds for this issue."
+ }
+ ],
+ "exploit": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
+ }
+ ],
+ "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
+ }
+ ],
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S3, 24.2R2, 24.4R1, and all subsequent releases."
+ }
+ ],
+ "value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S3, 24.2R2, 24.4R1, and all subsequent releases."
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.5,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+ "version": "3.1"
}
]
}
diff --git a/2025/30xxx/CVE-2025-30659.json b/2025/30xxx/CVE-2025-30659.json
index 609f2859169..0ca4ed33e6a 100644
--- a/2025/30xxx/CVE-2025-30659.json
+++ b/2025/30xxx/CVE-2025-30659.json
@@ -1,17 +1,169 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-30659",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "sirt@juniper.net",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "An Improper Handling of Length Parameter Inconsistency vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).\n\nWhen a device configured for Secure Vector Routing (SVR) receives a specifically malformed packet the PFE will crash and restart.\nThis issue affects Junos OS on SRX Series:\n\n\n\n * All 21.4 versions,\n * 22.2 versions before 22.2R3-S6,\n * 22.4 versions before 22.4R3-S6,\n * 23.2 versions before 23.2R2-S3,\n * 23.4 versions before 23.4R2-S4,\n * 24.2 versions before 24.2R2.\n\n\n\n\nThis issue does not affect versions before 21.4."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-130 Improper Handling of Length Parameter Inconsistency",
+ "cweId": "CWE-130"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Juniper Networks",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Junos OS",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "21.4R1",
+ "version_value": "21.4*"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "22.2",
+ "version_value": "22.2R3-S6"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "22.4",
+ "version_value": "22.4R3-S6"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "23.2",
+ "version_value": "23.2R2-S3"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "23.4",
+ "version_value": "23.4R2-S4"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "24.2",
+ "version_value": "24.2R2"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://supportportal.juniper.net/JSA96470",
+ "refsource": "MISC",
+ "name": "https://supportportal.juniper.net/JSA96470"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "advisory": "JSA96470",
+ "defect": [
+ "1820807"
+ ],
+ "discovery": "INTERNAL"
+ },
+ "configuration": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "To be exposed to this issue the SRX needs to be configured for SVR:
[ services vector-routing ]"
+ }
+ ],
+ "value": "To be exposed to this issue the SRX needs to be configured for SVR:\n\n[ services\u00a0vector-routing ]"
+ }
+ ],
+ "work_around": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "There are no known workarounds for this issue."
+ }
+ ],
+ "value": "There are no known workarounds for this issue."
+ }
+ ],
+ "exploit": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
+ }
+ ],
+ "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
+ }
+ ],
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "The following software releases have been updated to resolve this specific issue: 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S4, 24.2R2, 24.4R1, and all subsequent releases."
+ }
+ ],
+ "value": "The following software releases have been updated to resolve this specific issue: 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S4, 24.2R2, 24.4R1, and all subsequent releases."
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.5,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+ "version": "3.1"
}
]
}
diff --git a/2025/30xxx/CVE-2025-30660.json b/2025/30xxx/CVE-2025-30660.json
index f64fe1a6a47..db01846efe6 100644
--- a/2025/30xxx/CVE-2025-30660.json
+++ b/2025/30xxx/CVE-2025-30660.json
@@ -1,17 +1,156 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-30660",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "sirt@juniper.net",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).When processing a high rate of specific GRE traffic destined to the device, the respective PFE will hang causing traffic forwarding to stop. \n\n\n\nWhen this issue occurs the following logs can be observed:\n\n MQSS(0): LI-3: Received a parcel with more than 512B\u00a0accompanying data \nCHASSISD_FPC_ASIC_ERROR: ASIC Error detected <...>\n\n\nThis issue affects Junos OS:\n\n * all versions before 21.2R3-S9,\n * 21.4 versions before 21.4R3-S8,\n * 22.2 versions before 22.2R3-S4,\n * 22.4 versions before 22.4R3-S5,\n * 23.2 versions before 23.2R2-S2,\n * 23.4 versions before 23.4R2."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
+ "cweId": "CWE-754"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Juniper Networks",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Junos OS",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "21.2R3-S9"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "21.4",
+ "version_value": "21.4R3-S8"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "22.2",
+ "version_value": "22.2R3-S4"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "22.4",
+ "version_value": "22.4R3-S5"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "23.2",
+ "version_value": "23.2R2-S2"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "23.4",
+ "version_value": "23.4R2"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://supportportal.juniper.net/JSA96471",
+ "refsource": "MISC",
+ "name": "https://supportportal.juniper.net/JSA96471"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "advisory": "JSA96471",
+ "defect": [
+ "1784246"
+ ],
+ "discovery": "USER"
+ },
+ "work_around": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "There are no known workarounds for this issue."
+ }
+ ],
+ "value": "There are no known workarounds for this issue."
+ }
+ ],
+ "exploit": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
+ }
+ ],
+ "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
+ }
+ ],
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S9, 21.4R3-S8, 22.2R3-S4, 22.4R3-S5, 23.2R2-S2, 23.4R2, 24.2R1, and all subsequent releases."
+ }
+ ],
+ "value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S9, 21.4R3-S8, 22.2R3-S4, 22.4R3-S5, 23.2R2-S2, 23.4R2, 24.2R1, and all subsequent releases."
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.5,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+ "version": "3.1"
}
]
}
diff --git a/2025/32xxx/CVE-2025-32701.json b/2025/32xxx/CVE-2025-32701.json
new file mode 100644
index 00000000000..370b840c0b2
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32701.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32701",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32702.json b/2025/32xxx/CVE-2025-32702.json
new file mode 100644
index 00000000000..7095400351c
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32702.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32702",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32703.json b/2025/32xxx/CVE-2025-32703.json
new file mode 100644
index 00000000000..d937af55c0d
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32703.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32703",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32704.json b/2025/32xxx/CVE-2025-32704.json
new file mode 100644
index 00000000000..0ff3c55e790
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32704.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32704",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32705.json b/2025/32xxx/CVE-2025-32705.json
new file mode 100644
index 00000000000..f823873d7e5
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32705.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32705",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32706.json b/2025/32xxx/CVE-2025-32706.json
new file mode 100644
index 00000000000..3cb52a00967
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32706.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32706",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32707.json b/2025/32xxx/CVE-2025-32707.json
new file mode 100644
index 00000000000..57a5ba92140
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32707.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32707",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32708.json b/2025/32xxx/CVE-2025-32708.json
new file mode 100644
index 00000000000..565229d4aac
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32708.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32708",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32709.json b/2025/32xxx/CVE-2025-32709.json
new file mode 100644
index 00000000000..363f93f9053
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32709.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32709",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32710.json b/2025/32xxx/CVE-2025-32710.json
new file mode 100644
index 00000000000..19c5e2ab80d
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32710.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32710",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32711.json b/2025/32xxx/CVE-2025-32711.json
new file mode 100644
index 00000000000..9b10d96edac
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32711.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32711",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32712.json b/2025/32xxx/CVE-2025-32712.json
new file mode 100644
index 00000000000..50c322479d4
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32712.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32712",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32713.json b/2025/32xxx/CVE-2025-32713.json
new file mode 100644
index 00000000000..e6a858ac5a4
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32713.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32713",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32714.json b/2025/32xxx/CVE-2025-32714.json
new file mode 100644
index 00000000000..233bd3642c1
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32714.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32714",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32715.json b/2025/32xxx/CVE-2025-32715.json
new file mode 100644
index 00000000000..a9f86943a9f
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32715.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32715",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32716.json b/2025/32xxx/CVE-2025-32716.json
new file mode 100644
index 00000000000..2e44c5f7b2d
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32716.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32716",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32717.json b/2025/32xxx/CVE-2025-32717.json
new file mode 100644
index 00000000000..93196988b38
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32717.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32717",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32718.json b/2025/32xxx/CVE-2025-32718.json
new file mode 100644
index 00000000000..db18912fc8a
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32718.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32718",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32719.json b/2025/32xxx/CVE-2025-32719.json
new file mode 100644
index 00000000000..8cf09966e30
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32719.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32719",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32720.json b/2025/32xxx/CVE-2025-32720.json
new file mode 100644
index 00000000000..3cd4e8369d3
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32720.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32720",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32721.json b/2025/32xxx/CVE-2025-32721.json
new file mode 100644
index 00000000000..85bc8e2e2f5
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32721.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32721",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32722.json b/2025/32xxx/CVE-2025-32722.json
new file mode 100644
index 00000000000..c25ca36412b
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32722.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32722",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32723.json b/2025/32xxx/CVE-2025-32723.json
new file mode 100644
index 00000000000..a7ca6c329e8
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32723.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32723",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32724.json b/2025/32xxx/CVE-2025-32724.json
new file mode 100644
index 00000000000..b4c7c38f27b
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32724.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32724",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32725.json b/2025/32xxx/CVE-2025-32725.json
new file mode 100644
index 00000000000..0abce3dcec0
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32725.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32725",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32726.json b/2025/32xxx/CVE-2025-32726.json
new file mode 100644
index 00000000000..9d9bade93a8
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32726.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32726",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/32xxx/CVE-2025-32727.json b/2025/32xxx/CVE-2025-32727.json
new file mode 100644
index 00000000000..22a03781cf7
--- /dev/null
+++ b/2025/32xxx/CVE-2025-32727.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-32727",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/3xxx/CVE-2025-3480.json b/2025/3xxx/CVE-2025-3480.json
new file mode 100644
index 00000000000..4cfbdd65915
--- /dev/null
+++ b/2025/3xxx/CVE-2025-3480.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-3480",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/3xxx/CVE-2025-3481.json b/2025/3xxx/CVE-2025-3481.json
new file mode 100644
index 00000000000..91b71333943
--- /dev/null
+++ b/2025/3xxx/CVE-2025-3481.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-3481",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/3xxx/CVE-2025-3482.json b/2025/3xxx/CVE-2025-3482.json
new file mode 100644
index 00000000000..167b41a01d1
--- /dev/null
+++ b/2025/3xxx/CVE-2025-3482.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-3482",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/3xxx/CVE-2025-3483.json b/2025/3xxx/CVE-2025-3483.json
new file mode 100644
index 00000000000..59ced753e99
--- /dev/null
+++ b/2025/3xxx/CVE-2025-3483.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-3483",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/3xxx/CVE-2025-3484.json b/2025/3xxx/CVE-2025-3484.json
new file mode 100644
index 00000000000..936b3b4b29c
--- /dev/null
+++ b/2025/3xxx/CVE-2025-3484.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-3484",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file