Go.json

{
    "CVE-2012-2666": {
        "CVE-ID": "CVE-2012-2666",
        "NVD": {
            "Descriptions": "golang/go in 1.0.2 fixes all.bash on shared machines. dotest() in src/pkg/debug/gosym/pclntab_test.go creates a temporary file with predicable name and executes it as shell script.",
            "Cvss2_BaseScore": 7.5,
            "Cvss3_BaseScore": 9.8,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go:1.0.2",
                    "FormattedString": "cpe:2.3:a:golang:go:1.0.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                }
            ]
        }
    },
    "CVE-2014-7189": {
        "CVE-ID": "CVE-2014-7189",
        "NVD": {
            "Descriptions": "crpyto/tls in Go 1.1 before 1.3.2, when SessionTicketsDisabled is enabled, allows man-in-the-middle attackers to spoof clients via unspecified vectors.",
            "Cvss2_BaseScore": 4.3,
            "Cvss3_BaseScore": 0,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "Cvss3_VectorString": "",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go:1.3.1",
                    "FormattedString": "cpe:2.3:a:golang:go:1.3.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.3",
                    "FormattedString": "cpe:2.3:a:golang:go:1.3:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.2.2",
                    "FormattedString": "cpe:2.3:a:golang:go:1.2.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.2.1",
                    "FormattedString": "cpe:2.3:a:golang:go:1.2.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.2",
                    "FormattedString": "cpe:2.3:a:golang:go:1.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.1.2",
                    "FormattedString": "cpe:2.3:a:golang:go:1.1.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.1.1",
                    "FormattedString": "cpe:2.3:a:golang:go:1.1.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.1",
                    "FormattedString": "cpe:2.3:a:golang:go:1.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                }
            ]
        }
    },
    "CVE-2015-5739": {
        "CVE-ID": "CVE-2015-5739",
        "NVD": {
            "Descriptions": "The net/http library in net/textproto/reader.go in Go before 1.4.3 does not properly parse HTTP header keys, which allows remote attackers to conduct HTTP request smuggling attacks via a space instead of a hyphen, as demonstrated by \"Content Length\" instead of \"Content-Length.\"",
            "Cvss2_BaseScore": 7.5,
            "Cvss3_BaseScore": 9.8,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_tus:7.6",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_tus:7.3",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_tus:7.2",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_eus:7.6",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_eus:7.5",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_eus:7.4",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_eus:7.3",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_eus:7.2",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_aus:7.6",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_aus:7.4",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_aus:7.3",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_aus:7.2",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server:7.0",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:22",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:21",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "1.4.2"
                }
            ]
        },
        "Official": {
            "1.4.3": {
                "source": {
                    "12741": "https://github.com/golang/go/issues/12741"
                }
            }
        }
    },
    "CVE-2015-5740": {
        "CVE-ID": "CVE-2015-5740",
        "NVD": {
            "Descriptions": "The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request with two Content-length headers.",
            "Cvss2_BaseScore": 7.5,
            "Cvss3_BaseScore": 9.8,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_tus:7.6",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_tus:7.3",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_tus:7.2",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_eus:7.6",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_eus:7.5",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_eus:7.4",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_eus:7.3",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_eus:7.2",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_aus:7.6",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_aus:7.4",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_aus:7.3",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_aus:7.2",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server:7.0",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:22",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:21",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "1.4.2"
                }
            ]
        },
        "Official": {
            "1.4.3": {
                "source": {
                    "12741": "https://github.com/golang/go/issues/12741"
                }
            }
        }
    },
    "CVE-2015-5741": {
        "CVE-ID": "CVE-2015-5741",
        "NVD": {
            "Descriptions": "The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request that contains Content-Length and Transfer-Encoding header fields.",
            "Cvss2_BaseScore": 7.5,
            "Cvss3_BaseScore": 9.8,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:redhat:enterprise_linux:7.0",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openstack:8",
                    "FormattedString": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openstack:7.0",
                    "FormattedString": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.4.3",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.4.3": {
                "source": {
                    "12741": "https://github.com/golang/go/issues/12741"
                }
            }
        }
    },
    "CVE-2015-8618": {
        "CVE-ID": "CVE-2015-8618",
        "NVD": {
            "Descriptions": "The Int.Exp Montgomery code in the math/big library in Go 1.5.x before 1.5.3 mishandles carry propagation and produces incorrect output, which makes it easier for attackers to obtain private RSA keys via unspecified vectors.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "Cvss3_VectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/o:opensuse:leap:42.1",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.5.2",
                    "FormattedString": "cpe:2.3:a:golang:go:1.5.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.5.1",
                    "FormattedString": "cpe:2.3:a:golang:go:1.5.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.5",
                    "FormattedString": "cpe:2.3:a:golang:go:1.5:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.6": {
                "source": {
                    "13515": "https://github.com/golang/go/issues/13515"
                }
            }
        }
    },
    "CVE-2016-3958": {
        "CVE-ID": "CVE-2016-3958",
        "NVD": {
            "Descriptions": "Untrusted search path vulnerability in Go before 1.5.4 and 1.6.x before 1.6.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, related to use of the LoadLibrary function.",
            "Cvss2_BaseScore": 7.2,
            "Cvss3_BaseScore": 7.8,
            "Cvss2_VectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "Cvss3_VectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go:1.6",
                    "FormattedString": "cpe:2.3:a:golang:go:1.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.5",
                    "VersionEndExcluding": "1.5.4",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.6",
                    "VersionEndExcluding": "1.6.1",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.6.1": {
                "source": {
                    "14959": "https://github.com/golang/go/issues/14959"
                }
            }
        }
    },
    "CVE-2016-3959": {
        "CVE-ID": "CVE-2016-3959",
        "NVD": {
            "Descriptions": "The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted public key to a program that uses HTTPS client certificates or SSH server libraries.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:opensuse:leap:42.1",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:24",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:23",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:22",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.6",
                    "FormattedString": "cpe:2.3:a:golang:go:1.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "1.5"
                }
            ]
        },
        "Official": {
            "1.6.1": {
                "source": {
                    "15184": "https://github.com/golang/go/issues/15184"
                }
            }
        }
    },
    "CVE-2016-5386": {
        "CVE-ID": "CVE-2016-5386",
        "NVD": {
            "Descriptions": "The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an \"httpoxy\" issue.",
            "Cvss2_BaseScore": 6.8,
            "Cvss3_BaseScore": 8.1,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_eus:7.2",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_aus:7.2",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server:7.0",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:oracle:linux:7",
                    "FormattedString": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:24",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:23",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.7:rc1",
                    "FormattedString": "cpe:2.3:a:golang:go:1.7:rc1:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.0",
                    "VersionEndExcluding": "1.6.3",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.6.3": {
                "source": {
                    "16405": "https://github.com/golang/go/issues/16405"
                }
            }
        }
    },
    "CVE-2017-1000097": {
        "CVE-ID": "CVE-2017-1000097",
        "NVD": {
            "Descriptions": "On Darwin, user's trust preferences for root certificates were not honored. If the user had a root certificate loaded in their Keychain that was explicitly not trusted, a Go program would still verify a connection using that root certificate.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.6.4",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.7",
                    "VersionEndExcluding": "1.7.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.7.4": {
                "source": {
                    "18141": "https://github.com/golang/go/issues/18141"
                }
            }
        }
    },
    "CVE-2017-1000098": {
        "CVE-ID": "CVE-2017-1000098",
        "NVD": {
            "Descriptions": "The net/http package's Request.ParseMultipartForm method starts writing to temporary files once the request body size surpasses the given \"maxMemory\" limit. It was possible for an attacker to generate a multipart request crafted such that the server ran out of file descriptors.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.6.4",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.7",
                    "VersionEndExcluding": "1.7.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.7.4": {
                "source": {
                    "17965": "https://github.com/golang/go/issues/17965"
                }
            }
        }
    },
    "CVE-2017-15041": {
        "CVE-ID": "CVE-2017-15041",
        "NVD": {
            "Descriptions": "Go before 1.8.4 and 1.9.x before 1.9.1 allows \"go get\" remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points to a Git repository. If the Subversion repository includes a Git checkout in its pkg2 directory and some other work is done to ensure the proper ordering of operations, \"go get\" can be tricked into reusing this Git checkout for the fetch of code from pkg2. If the Subversion repository's Git checkout has malicious commands in .git/hooks/, they will execute on the system running \"go get.\"",
            "Cvss2_BaseScore": 7.5,
            "Cvss3_BaseScore": 9.8,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_tus:7.7",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_tus:7.7:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_tus:7.6",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_tus:7.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_aus:7.7",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_aus:7.6",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server:7.0",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_eus:7.7",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_eus:7.6",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:developer_tools:1.0",
                    "FormattedString": "cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.9:-",
                    "FormattedString": "cpe:2.3:a:golang:go:1.9:-:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "1.8.3"
                }
            ]
        },
        "Official": {
            "1.8.4": {
                "source": {
                    "22125": "https://github.com/golang/go/issues/22125"
                }
            },
            "1.9.1": {
                "source": {
                    "22131": "https://github.com/golang/go/issues/22131"
                }
            }
        }
    },
    "CVE-2017-15042": {
        "CVE-ID": "CVE-2017-15042",
        "NVD": {
            "Descriptions": "An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. The original implementation of smtp.PlainAuth in Go 1.0 enforced this requirement, and it was documented to do so. In 2013, upstream issue #5184, this was changed so that the server may decide whether PLAIN is acceptable. The result is that if you set up a man-in-the-middle SMTP server that doesn't advertise STARTTLS and does advertise that PLAIN auth is OK, the smtp.PlainAuth implementation sends the username and password.",
            "Cvss2_BaseScore": 4.3,
            "Cvss3_BaseScore": 5.9,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "Cvss3_VectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go:1.9",
                    "FormattedString": "cpe:2.3:a:golang:go:1.9:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "1.8.3"
                }
            ]
        },
        "Official": {
            "1.8.4": {
                "source": {
                    "22134": "https://github.com/golang/go/issues/22134"
                }
            },
            "1.9.1": {
                "source": {
                    "22133": "https://github.com/golang/go/issues/22133"
                }
            }
        }
    },
    "CVE-2017-8932": {
        "CVE-ID": "CVE-2017-8932",
        "NVD": {
            "Descriptions": "A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input points. An adaptive attack can be mounted to progressively extract the scalar input to ScalarMult by submitting crafted points and observing failures to the derive correct output. This leads to a full key recovery attack against static ECDH, as used in popular JWT libraries.",
            "Cvss2_BaseScore": 4.3,
            "Cvss3_BaseScore": 5.9,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "Cvss3_VectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/o:opensuse:leap:42.2",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:25",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:novell:suse_package_hub_for_suse_linux_enterprise:12",
                    "FormattedString": "cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.8.1",
                    "FormattedString": "cpe:2.3:a:golang:go:1.8.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.8",
                    "FormattedString": "cpe:2.3:a:golang:go:1.8:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "1.7.5"
                }
            ]
        },
        "Official": {
            "1.8.2": {
                "source": {
                    "20040": "https://github.com/golang/go/issues/20040"
                }
            }
        }
    },
    "CVE-2018-16873": {
        "CVE-ID": "CVE-2018-16873",
        "NVD": {
            "Descriptions": "In Go before 1.10.6 and 1.11.x before 1.11.3, the \"go get\" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). Using custom domains, it's possible to arrange things so that a Git repository is cloned to a folder named \".git\" by using a vanity import path that ends with \"/.git\". If the Git repository root contains a \"HEAD\" file, a \"config\" file, an \"objects\" directory, a \"refs\" directory, with some work to ensure the proper ordering of operations, \"go get -u\" can be tricked into considering the parent directory as a repository root, and running Git commands on it. That will use the \"config\" file in the original Git repository root for its configuration, and if that config file contains malicious commands, they will execute on the system running \"go get -u\".",
            "Cvss2_BaseScore": 6.8,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:suse:linux_enterprise_server:12:-",
                    "FormattedString": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:opensuse:leap:42.3",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:opensuse:leap:15.1",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:opensuse:leap:15.0",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:opensuse:backports_sle:15.0:-",
                    "FormattedString": "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.10.6",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.11.0",
                    "VersionEndExcluding": "1.11.3",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.12": {
                "source": {
                    "29230": "https://github.com/golang/go/issues/29230"
                }
            },
            "1.11.3": {
                "source": {
                    "29232": "https://github.com/golang/go/issues/29232"
                }
            },
            "1.10.6": {
                "source": {
                    "29234": "https://github.com/golang/go/issues/29234"
                }
            }
        }
    },
    "CVE-2018-16874": {
        "CVE-ID": "CVE-2018-16874",
        "NVD": {
            "Descriptions": "In Go before 1.10.6 and 1.11.x before 1.11.3, the \"go get\" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both '{' and '}' characters). Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). The attacker can cause an arbitrary filesystem write, which can lead to code execution.",
            "Cvss2_BaseScore": 6.8,
            "Cvss3_BaseScore": 6.8,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/o:suse:linux_enterprise_server:12:-",
                    "FormattedString": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:opensuse:leap:42.3",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:opensuse:leap:15.1",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:opensuse:leap:15.0",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:opensuse:backports_sle:15.0:-",
                    "FormattedString": "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.10.6",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.11.0",
                    "VersionEndExcluding": "1.11.3",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.12": {
                "source": {
                    "29231": "https://github.com/golang/go/issues/29231"
                }
            },
            "1.11.3": {
                "source": {
                    "29235": "https://github.com/golang/go/issues/29235"
                }
            },
            "1.10.6": {
                "source": {
                    "29236": "https://github.com/golang/go/issues/29236"
                }
            }
        }
    },
    "CVE-2018-16875": {
        "CVE-ID": "CVE-2018-16875",
        "NVD": {
            "Descriptions": "The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected.",
            "Cvss2_BaseScore": 7.8,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "Cvss3_VectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:opensuse:leap:42.3",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.10.6",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.11.0",
                    "VersionEndExcluding": "1.11.3",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.12": {
                "source": {
                    "29233": "https://github.com/golang/go/issues/29233"
                }
            }
        }
    },
    "CVE-2018-6574": {
        "CVE-ID": "CVE-2018-6574",
        "NVD": {
            "Descriptions": "Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow \"go get\" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked.",
            "Cvss2_BaseScore": 4.6,
            "Cvss3_BaseScore": 7.8,
            "Cvss2_VectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_tus:7.6",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_eus:7.6",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server_aus:7.6",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server:7.0",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.9.3",
                    "FormattedString": "cpe:2.3:a:golang:go:1.9.3:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.9.2",
                    "FormattedString": "cpe:2.3:a:golang:go:1.9.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.9.1",
                    "FormattedString": "cpe:2.3:a:golang:go:1.9.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.9",
                    "FormattedString": "cpe:2.3:a:golang:go:1.9:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.10:rc1",
                    "FormattedString": "cpe:2.3:a:golang:go:1.10:rc1:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.10:beta2",
                    "FormattedString": "cpe:2.3:a:golang:go:1.10:beta2:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.10:beta1",
                    "FormattedString": "cpe:2.3:a:golang:go:1.10:beta1:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "1.8.6"
                }
            ]
        },
        "Official": {
            "1.10": {
                "source": {
                    "23672": "https://github.com/golang/go/issues/23672"
                }
            },
            "1.9.4": {
                "source": {
                    "23673": "https://github.com/golang/go/issues/23673"
                }
            },
            "1.8.7": {
                "source": {
                    "23674": "https://github.com/golang/go/issues/23674"
                }
            }
        }
    },
    "CVE-2018-7187": {
        "CVE-ID": "CVE-2018-7187",
        "NVD": {
            "Descriptions": "The \"go get\" implementation in Go 1.9.4, when the -insecure command-line option is used, does not validate the import path (get/vcs.go only checks for \"://\" anywhere in the string), which allows remote attackers to execute arbitrary OS commands via a crafted web site.",
            "Cvss2_BaseScore": 9.3,
            "Cvss3_BaseScore": 8.8,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:7.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.9.5",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.10",
                    "VersionEndExcluding": "1.10.1",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.10.1": {
                "source": {
                    "23867": "https://github.com/golang/go/issues/23867"
                }
            },
            "1.9.5": {
                "source": {
                    "24567": "https://github.com/golang/go/issues/24567"
                }
            }
        }
    },
    "CVE-2019-11888": {
        "CVE-ID": "CVE-2019-11888",
        "NVD": {
            "Descriptions": "Go through 1.12.5 on Windows mishandles process creation with a nil environment in conjunction with a non-nil token, which allows attackers to obtain sensitive information or gain privileges.",
            "Cvss2_BaseScore": 7.5,
            "Cvss3_BaseScore": 9.8,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "1.12.5"
                }
            ]
        },
        "Official": {
            "1.12.6": {
                "source": {
                    "32081": "https://github.com/golang/go/issues/32081"
                }
            },
            "NOT_IN_MILESTONE": {
                "source": {
                    "32000": "https://github.com/golang/go/issues/32000"
                }
            }
        }
    },
    "CVE-2019-14809": {
        "CVE-ID": "CVE-2019-14809",
        "NVD": {
            "Descriptions": "net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port number. For example, an attacker can compose a crafted javascript:// URL that results in a hostname of google.com.",
            "Cvss2_BaseScore": 7.5,
            "Cvss3_BaseScore": 9.8,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:debian:debian_linux:10.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.11.13",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.12.0",
                    "VersionEndExcluding": "1.12.8",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "Backlog": {
                "source": {
                    "29098": "https://github.com/golang/go/issues/29098"
                }
            },
            "1.12.8": {
                "source": {
                    "33633": "https://github.com/golang/go/issues/33633"
                }
            },
            "1.11.13": {
                "source": {
                    "33632": "https://github.com/golang/go/issues/33632"
                }
            }
        }
    },
    "CVE-2019-16276": {
        "CVE-ID": "CVE-2019-16276",
        "NVD": {
            "Descriptions": "Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_eus:8.1",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux:8.0",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:opensuse:leap:15.1",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:opensuse:leap:15.0",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:31",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:30",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:29",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_container_platform:4.2",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_container_platform:4.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:developer_tools:1.0",
                    "FormattedString": "cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:cloud_insights_telegraf_agent:-",
                    "FormattedString": "cpe:2.3:a:netapp:cloud_insights_telegraf_agent:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.12.10",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.13",
                    "VersionEndExcluding": "1.13.1",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.14": {
                "source": {
                    "34540": "https://github.com/golang/go/issues/34540"
                }
            },
            "1.12.10": {
                "source": {
                    "34541": "https://github.com/golang/go/issues/34541"
                }
            },
            "1.13.1": {
                "source": {
                    "34542": "https://github.com/golang/go/issues/34542"
                }
            }
        }
    },
    "CVE-2019-17596": {
        "CVE-ID": "CVE-2019-17596",
        "NVD": {
            "Descriptions": "Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server:8.1",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server:8.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux:8.0",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:opensuse:leap:15.1",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:opensuse:leap:15.0",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:31",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:30",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:10.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:arista:mos",
                    "FormattedString": "cpe:2.3:o:arista:mos:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "0.25"
                },
                {
                    "URI": "cpe:/o:arista:eos",
                    "FormattedString": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "4.23.1f"
                },
                {
                    "URI": "cpe:/a:redhat:developer_tools:1.0",
                    "FormattedString": "cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.12",
                    "VersionEndExcluding": "1.12.11",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.13",
                    "VersionEndExcluding": "1.13.2",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:arista:terminattr",
                    "FormattedString": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "1.7.2"
                },
                {
                    "URI": "cpe:/a:arista:cloudvision_portal:2019.1.2",
                    "FormattedString": "cpe:2.3:a:arista:cloudvision_portal:2019.1.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:arista:cloudvision_portal:2019.1.1",
                    "FormattedString": "cpe:2.3:a:arista:cloudvision_portal:2019.1.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:arista:cloudvision_portal:2019.1.0",
                    "FormattedString": "cpe:2.3:a:arista:cloudvision_portal:2019.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:arista:cloudvision_portal",
                    "FormattedString": "cpe:2.3:a:arista:cloudvision_portal:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "2018.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "2018.2.3"
                }
            ]
        },
        "Official": {
            "1.14": {
                "source": {
                    "34960": "https://github.com/golang/go/issues/34960"
                }
            },
            "1.12.11": {
                "source": {
                    "34961": "https://github.com/golang/go/issues/34961"
                }
            },
            "1.13.2": {
                "source": {
                    "34962": "https://github.com/golang/go/issues/34962"
                }
            }
        }
    },
    "CVE-2019-6486": {
        "CVE-ID": "CVE-2019-6486",
        "NVD": {
            "Descriptions": "Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service (CPU consumption) or possibly conduct ECDH private key recovery attacks.",
            "Cvss2_BaseScore": 6.4,
            "Cvss3_BaseScore": 8.2,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:opensuse:leap:15.0",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:8.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.10.8",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.11.1",
                    "VersionEndExcluding": "1.11.5",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.12": {
                "source": {
                    "29903": "https://github.com/golang/go/issues/29903"
                }
            },
            "1.11.5": {
                "source": {
                    "29904": "https://github.com/golang/go/issues/29904"
                }
            },
            "1.10.8": {
                "source": {
                    "29905": "https://github.com/golang/go/issues/29905"
                }
            }
        }
    },
    "CVE-2019-9634": {
        "CVE-ID": "CVE-2019-9634",
        "NVD": {
            "Descriptions": "Go through 1.12 on Windows misuses certain LoadLibrary functionality, leading to DLL injection.",
            "Cvss2_BaseScore": 6.8,
            "Cvss3_BaseScore": 7.8,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.11.10",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.12",
                    "VersionEndExcluding": "1.12.2",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.13": {
                "source": {
                    "30642": "https://github.com/golang/go/issues/30642"
                }
            },
            "1.12.2": {
                "source": {
                    "30666": "https://github.com/golang/go/issues/30666"
                }
            },
            "1.11.10": {
                "source": {
                    "30989": "https://github.com/golang/go/issues/30989"
                }
            }
        }
    },
    "CVE-2019-9741": {
        "CVE-ID": "CVE-2019-9741",
        "NVD": {
            "Descriptions": "An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \\r\\n followed by an HTTP header or a Redis command.",
            "Cvss2_BaseScore": 4.3,
            "Cvss3_BaseScore": 6.1,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/o:redhat:enterprise_linux:8.0",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:29",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:8.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:developer_tools:1.0",
                    "FormattedString": "cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.11.5",
                    "FormattedString": "cpe:2.3:a:golang:go:1.11.5:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "NOT_IN_MILESTONE": {
                "source": {
                    "30794": "https://github.com/golang/go/issues/30794"
                }
            }
        }
    },
    "CVE-2020-0601": {
        "CVE-ID": "CVE-2020-0601",
        "NVD": {
            "Descriptions": "A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.",
            "Cvss2_BaseScore": 5.8,
            "Cvss3_BaseScore": 8.1,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/o:microsoft:windows_server_2019:-",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_server_2016:1909",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_server_2016:1903",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_server_2016:1803",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_server_2016:-",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_10:1909",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_10:1903",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_10:1809",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_10:1803",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_10:1709",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_10:1607",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_10:-",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.12",
                    "VersionEndExcluding": "1.12.16",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.13",
                    "VersionEndExcluding": "1.13.7",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.14": {
                "source": {
                    "36834": "https://github.com/golang/go/issues/36834"
                }
            },
            "1.12.16": {
                "source": {
                    "36836": "https://github.com/golang/go/issues/36836"
                }
            },
            "1.13.7": {
                "source": {
                    "36835": "https://github.com/golang/go/issues/36835"
                }
            }
        }
    },
    "CVE-2020-14039": {
        "CVE-ID": "CVE-2020-14039",
        "NVD": {
            "Descriptions": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 5.3,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/o:opensuse:leap:15.2",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:opensuse:leap:15.1",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.13.13",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.14.0",
                    "VersionEndExcluding": "1.14.5",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.15": {
                "source": {
                    "39360": "https://github.com/golang/go/issues/39360"
                }
            },
            "1.13.13": {
                "source": {
                    "40209": "https://github.com/golang/go/issues/40209"
                }
            },
            "1.14.5": {
                "source": {
                    "40210": "https://github.com/golang/go/issues/40210"
                }
            }
        }
    },
    "CVE-2020-15586": {
        "CVE-ID": "CVE-2020-15586",
        "NVD": {
            "Descriptions": "Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time.",
            "Cvss2_BaseScore": 4.3,
            "Cvss3_BaseScore": 5.9,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:opensuse:leap:15.2",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:opensuse:leap:15.1",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:32",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:31",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:10.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.13.13",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.14.0",
                    "VersionEndExcluding": "1.14.5",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cloudfoundry:routing-release",
                    "FormattedString": "cpe:2.3:a:cloudfoundry:routing-release:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "0.203.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cloudfoundry:cf-deployment",
                    "FormattedString": "cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "13.7.0",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.15": {
                "source": {
                    "34902": "https://github.com/golang/go/issues/34902"
                }
            },
            "1.13.13": {
                "source": {
                    "40211": "https://github.com/golang/go/issues/40211"
                }
            },
            "1.14.5": {
                "source": {
                    "40212": "https://github.com/golang/go/issues/40212"
                }
            }
        }
    },
    "CVE-2020-16845": {
        "CVE-ID": "CVE-2020-16845",
        "NVD": {
            "Descriptions": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:opensuse:leap:15.2",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:opensuse:leap:15.1",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:32",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:31",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:10.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.13.15",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.14",
                    "VersionEndExcluding": "1.14.7",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.15": {
                "source": {
                    "40618": "https://github.com/golang/go/issues/40618"
                }
            },
            "1.14.7": {
                "source": {
                    "40619": "https://github.com/golang/go/issues/40619"
                }
            },
            "1.13.15": {
                "source": {
                    "40620": "https://github.com/golang/go/issues/40620"
                }
            }
        }
    },
    "CVE-2020-24553": {
        "CVE-ID": "CVE-2020-24553",
        "NVD": {
            "Descriptions": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
            "Cvss2_BaseScore": 4.3,
            "Cvss3_BaseScore": 6.1,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/o:opensuse:leap:15.2",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:opensuse:leap:15.1",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:33",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:communications_cloud_native_core_policy:1.5.0",
                    "FormattedString": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.5.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.14.8",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.15.0",
                    "VersionEndExcluding": "1.15.1",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.15.1": {
                "source": {
                    "41165": "https://github.com/golang/go/issues/41165"
                }
            },
            "1.14.8": {
                "source": {
                    "41164": "https://github.com/golang/go/issues/41164"
                }
            },
            "1.16": {
                "source": {
                    "40928": "https://github.com/golang/go/issues/40928"
                }
            }
        }
    },
    "CVE-2020-28362": {
        "CVE-ID": "CVE-2020-28362",
        "NVD": {
            "Descriptions": "Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:33",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:32",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:trident:-",
                    "FormattedString": "cpe:2.3:a:netapp:trident:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:cloud_insights_telegraf_agent:-",
                    "FormattedString": "cpe:2.3:a:netapp:cloud_insights_telegraf_agent:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.14.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.15",
                    "VersionEndExcluding": "1.15.5",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.15.5": {
                "source": {
                    "42554": "https://github.com/golang/go/issues/42554"
                }
            },
            "1.14.12": {
                "source": {
                    "42553": "https://github.com/golang/go/issues/42553"
                }
            },
            "1.16": {
                "source": {
                    "42552": "https://github.com/golang/go/issues/42552"
                }
            }
        }
    },
    "CVE-2020-28366": {
        "CVE-ID": "CVE-2020-28366",
        "NVD": {
            "Descriptions": "Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file.",
            "Cvss2_BaseScore": 5.1,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:33",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:32",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:trident:-",
                    "FormattedString": "cpe:2.3:a:netapp:trident:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:cloud_insights_telegraf_agent:-",
                    "FormattedString": "cpe:2.3:a:netapp:cloud_insights_telegraf_agent:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.14.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.15",
                    "VersionEndExcluding": "1.15.5",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.15.5": {
                "source": {
                    "42562": "https://github.com/golang/go/issues/42562"
                }
            },
            "NOT_IN_MILESTONE": {
                "source": {
                    "42561": "https://github.com/golang/go/issues/42561"
                }
            },
            "1.14.12": {
                "source": {
                    "42560": "https://github.com/golang/go/issues/42560"
                }
            },
            "1.16": {
                "source": {
                    "42559": "https://github.com/golang/go/issues/42559"
                }
            }
        }
    },
    "CVE-2020-28367": {
        "CVE-ID": "CVE-2020-28367",
        "NVD": {
            "Descriptions": "Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via malicious gcc flags specified via a #cgo directive.",
            "Cvss2_BaseScore": 5.1,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.14.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.15",
                    "VersionEndExcluding": "1.15.5",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.15.5": {
                "source": {
                    "42558": "https://github.com/golang/go/issues/42558"
                }
            },
            "1.14.12": {
                "source": {
                    "42557": "https://github.com/golang/go/issues/42557"
                }
            },
            "1.16": {
                "source": {
                    "42556": "https://github.com/golang/go/issues/42556",
                    "42555": "https://github.com/golang/go/issues/42555"
                }
            }
        }
    },
    "CVE-2020-28851": {
        "CVE-ID": "CVE-2020-28851",
        "NVD": {
            "Descriptions": "In x/text in Go 1.15.4, an \"index out of range\" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go:1.15.4",
                    "FormattedString": "cpe:2.3:a:golang:go:1.15.4:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "Unreleased": {
                "source": {
                    "42535": "https://github.com/golang/go/issues/42535"
                }
            }
        }
    },
    "CVE-2020-29509": {
        "CVE-ID": "CVE-2020-29509",
        "NVD": {
            "Descriptions": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
            "Cvss2_BaseScore": 6.8,
            "Cvss3_BaseScore": 5.6,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "CPEs": [
                {
                    "URI": "cpe:/a:netapp:trident:-",
                    "FormattedString": "cpe:2.3:a:netapp:trident:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17",
                    "VersionEndIncluding": ""
                }
            ]
        }
    },
    "CVE-2020-29510": {
        "CVE-ID": "CVE-2020-29510",
        "NVD": {
            "Descriptions": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
            "Cvss2_BaseScore": 6.8,
            "Cvss3_BaseScore": 5.6,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "CPEs": [
                {
                    "URI": "cpe:/a:netapp:trident:-",
                    "FormattedString": "cpe:2.3:a:netapp:trident:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "1.15"
                }
            ]
        }
    },
    "CVE-2020-29511": {
        "CVE-ID": "CVE-2020-29511",
        "NVD": {
            "Descriptions": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
            "Cvss2_BaseScore": 6.8,
            "Cvss3_BaseScore": 5.6,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "CPEs": [
                {
                    "URI": "cpe:/a:netapp:trident:-",
                    "FormattedString": "cpe:2.3:a:netapp:trident:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17",
                    "VersionEndIncluding": ""
                }
            ]
        }
    },
    "CVE-2020-7919": {
        "CVE-ID": "CVE-2020-7919",
        "NVD": {
            "Descriptions": "Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go) allows attacks on clients (resulting in a panic) via a malformed X.509 certificate.",
            "Cvss2_BaseScore": 7.8,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:31",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:10.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:cloud_insights_telegraf:-",
                    "FormattedString": "cpe:2.3:a:netapp:cloud_insights_telegraf:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.12",
                    "VersionEndExcluding": "1.12.6",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.13",
                    "VersionEndExcluding": "1.13.7",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.14": {
                "source": {
                    "36837": "https://github.com/golang/go/issues/36837"
                }
            },
            "1.12.16": {
                "source": {
                    "36839": "https://github.com/golang/go/issues/36839"
                }
            },
            "1.13.7": {
                "source": {
                    "36838": "https://github.com/golang/go/issues/36838"
                }
            }
        }
    },
    "CVE-2021-27918": {
        "CVE-ID": "CVE-2021-27918",
        "NVD": {
            "Descriptions": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.15.9",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.16.0",
                    "VersionEndExcluding": "1.16.1",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.15.9": {
                "source": {
                    "44914": "https://github.com/golang/go/issues/44914"
                }
            },
            "1.16.1": {
                "source": {
                    "44915": "https://github.com/golang/go/issues/44915"
                }
            },
            "1.17": {
                "source": {
                    "44913": "https://github.com/golang/go/issues/44913"
                }
            }
        }
    },
    "CVE-2021-27919": {
        "CVE-ID": "CVE-2021-27919",
        "NVD": {
            "Descriptions": "archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service (panic) upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename.",
            "Cvss2_BaseScore": 4.3,
            "Cvss3_BaseScore": 5.5,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:35",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:34",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.16.0",
                    "VersionEndExcluding": "1.16.1",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.16.1": {
                "source": {
                    "44917": "https://github.com/golang/go/issues/44917"
                }
            },
            "1.17": {
                "source": {
                    "44916": "https://github.com/golang/go/issues/44916"
                }
            }
        }
    },
    "CVE-2021-29923": {
        "CVE-ID": "CVE-2021-29923",
        "NVD": {
            "Descriptions": "Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:36",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:timesten_in-memory_database",
                    "FormattedString": "cpe:2.3:a:oracle:timesten_in-memory_database:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "21.1.1.1.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.17": {
                "source": {
                    "30999": "https://github.com/golang/go/issues/30999"
                }
            },
            "NOT_IN_MILESTONE": {
                "source": {
                    "43389": "https://github.com/golang/go/issues/43389"
                }
            }
        }
    },
    "CVE-2021-3114": {
        "CVE-ID": "CVE-2021-3114",
        "NVD": {
            "Descriptions": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
            "Cvss2_BaseScore": 6.4,
            "Cvss3_BaseScore": 6.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:33",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:10.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:storagegrid:-",
                    "FormattedString": "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:cloud_insights_telegraf_agent:-",
                    "FormattedString": "cpe:2.3:a:netapp:cloud_insights_telegraf_agent:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.14.14",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.15",
                    "VersionEndExcluding": "1.15.7",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.15.7": {
                "source": {
                    "43788": "https://github.com/golang/go/issues/43788"
                }
            },
            "1.14.14": {
                "source": {
                    "43787": "https://github.com/golang/go/issues/43787"
                }
            },
            "1.16": {
                "source": {
                    "43786": "https://github.com/golang/go/issues/43786"
                }
            }
        }
    },
    "CVE-2021-3115": {
        "CVE-ID": "CVE-2021-3115",
        "NVD": {
            "Descriptions": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
            "Cvss2_BaseScore": 5.1,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:33",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:storagegrid:-",
                    "FormattedString": "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:cloud_insights_telegraf_agent:-",
                    "FormattedString": "cpe:2.3:a:netapp:cloud_insights_telegraf_agent:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.14.14",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.15",
                    "VersionEndExcluding": "1.15.7",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.15.7": {
                "source": {
                    "43785": "https://github.com/golang/go/issues/43785"
                }
            },
            "1.14.14": {
                "source": {
                    "43784": "https://github.com/golang/go/issues/43784"
                }
            },
            "1.16": {
                "source": {
                    "43783": "https://github.com/golang/go/issues/43783"
                }
            }
        }
    },
    "CVE-2021-31525": {
        "CVE-ID": "CVE-2021-31525",
        "NVD": {
            "Descriptions": "net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.",
            "Cvss2_BaseScore": 2.6,
            "Cvss3_BaseScore": 5.9,
            "Cvss2_VectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:34",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.15.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.16.0",
                    "VersionEndExcluding": "1.16.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.17": {
                "source": {
                    "45710": "https://github.com/golang/go/issues/45710"
                }
            }
        }
    },
    "CVE-2021-33194": {
        "CVE-ID": "CVE-2021-33194",
        "NVD": {
            "Descriptions": "golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:36",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "1.15.12"
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.16.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "1.16.4"
                }
            ]
        },
        "Official": {
            "Unreleased": {
                "source": {
                    "46288": "https://github.com/golang/go/issues/46288"
                }
            }
        }
    },
    "CVE-2021-33195": {
        "CVE-ID": "CVE-2021-33195",
        "NVD": {
            "Descriptions": "Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers, and thus a return value may contain an unsafe injection (e.g., XSS) that does not conform to the RFC1035 format.",
            "Cvss2_BaseScore": 7.5,
            "Cvss3_BaseScore": 7.3,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "CPEs": [
                {
                    "URI": "cpe:/a:netapp:cloud_insights_telegraf_agent:-",
                    "FormattedString": "cpe:2.3:a:netapp:cloud_insights_telegraf_agent:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.15.13",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.16.0",
                    "VersionEndExcluding": "1.16.5",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.17": {
                "source": {
                    "46241": "https://github.com/golang/go/issues/46241"
                }
            },
            "1.16.5": {
                "source": {
                    "46357": "https://github.com/golang/go/issues/46357"
                }
            },
            "1.15.13": {
                "source": {
                    "46356": "https://github.com/golang/go/issues/46356"
                }
            }
        }
    },
    "CVE-2021-33196": {
        "CVE-ID": "CVE-2021-33196",
        "NVD": {
            "Descriptions": "In archive/zip in Go before 1.15.13 and 1.16.x before 1.16.5, a crafted file count (in an archive's header) can cause a NewReader or OpenReader panic.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.15.13",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.16.0",
                    "VersionEndExcluding": "1.16.5",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.17": {
                "source": {
                    "46242": "https://github.com/golang/go/issues/46242"
                }
            },
            "1.16.5": {
                "source": {
                    "46397": "https://github.com/golang/go/issues/46397"
                }
            },
            "1.15.13": {
                "source": {
                    "46396": "https://github.com/golang/go/issues/46396"
                }
            }
        }
    },
    "CVE-2021-33197": {
        "CVE-ID": "CVE-2021-33197",
        "NVD": {
            "Descriptions": "In Go before 1.15.13 and 1.16.x before 1.16.5, some configurations of ReverseProxy (from net/http/httputil) result in a situation where an attacker is able to drop arbitrary headers.",
            "Cvss2_BaseScore": 4.3,
            "Cvss3_BaseScore": 5.3,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.15.13",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.16.0",
                    "VersionEndExcluding": "1.16.5",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.17": {
                "source": {
                    "46313": "https://github.com/golang/go/issues/46313"
                }
            },
            "1.16.5": {
                "source": {
                    "46315": "https://github.com/golang/go/issues/46315"
                }
            },
            "1.15.13": {
                "source": {
                    "46314": "https://github.com/golang/go/issues/46314"
                }
            }
        }
    },
    "CVE-2021-33198": {
        "CVE-ID": "CVE-2021-33198",
        "NVD": {
            "Descriptions": "In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.15.13",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.16.0",
                    "VersionEndExcluding": "1.16.5",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.17": {
                "source": {
                    "45910": "https://github.com/golang/go/issues/45910"
                }
            },
            "1.16.5": {
                "source": {
                    "46306": "https://github.com/golang/go/issues/46306"
                }
            },
            "1.15.13": {
                "source": {
                    "46305": "https://github.com/golang/go/issues/46305"
                }
            }
        }
    },
    "CVE-2021-34558": {
        "CVE-ID": "CVE-2021-34558",
        "NVD": {
            "Descriptions": "The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.",
            "Cvss2_BaseScore": 2.6,
            "Cvss3_BaseScore": 6.5,
            "Cvss2_VectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:34",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:33",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:timesten_in-memory_database",
                    "FormattedString": "cpe:2.3:a:oracle:timesten_in-memory_database:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "21.1.1.1.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:trident:-",
                    "FormattedString": "cpe:2.3:a:netapp:trident:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:storagegrid:-",
                    "FormattedString": "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:cloud_insights_telegraf:-",
                    "FormattedString": "cpe:2.3:a:netapp:cloud_insights_telegraf:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.15.14",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.16.0",
                    "VersionEndExcluding": "1.16.6",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.16.6": {
                "source": {
                    "47145": "https://github.com/golang/go/issues/47145"
                }
            },
            "1.15.14": {
                "source": {
                    "47144": "https://github.com/golang/go/issues/47144"
                }
            },
            "1.17": {
                "source": {
                    "47143": "https://github.com/golang/go/issues/47143"
                }
            }
        }
    },
    "CVE-2021-36221": {
        "CVE-ID": "CVE-2021-36221",
        "NVD": {
            "Descriptions": "Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort.",
            "Cvss2_BaseScore": 4.3,
            "Cvss3_BaseScore": 5.9,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:siemens:scalance_lpe9403_firmware",
                    "FormattedString": "cpe:2.3:o:siemens:scalance_lpe9403_firmware:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:35",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:34",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:33",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:timesten_in-memory_database",
                    "FormattedString": "cpe:2.3:a:oracle:timesten_in-memory_database:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "21.1.1.1.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.15.15",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.16.0",
                    "VersionEndExcluding": "1.16.7",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.17": {
                "source": {
                    "46866": "https://github.com/golang/go/issues/46866"
                }
            },
            "1.16.7": {
                "source": {
                    "47474": "https://github.com/golang/go/issues/47474"
                }
            },
            "1.15.15": {
                "source": {
                    "47473": "https://github.com/golang/go/issues/47473"
                }
            }
        }
    },
    "CVE-2021-38297": {
        "CVE-ID": "CVE-2021-38297",
        "NVD": {
            "Descriptions": "Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.",
            "Cvss2_BaseScore": 7.5,
            "Cvss3_BaseScore": 9.8,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:35",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:34",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.16.9",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.17.0",
                    "VersionEndExcluding": "1.17.2",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.18": {
                "source": {
                    "48797": "https://github.com/golang/go/issues/48797"
                }
            },
            "1.17.2": {
                "source": {
                    "48800": "https://github.com/golang/go/issues/48800"
                }
            },
            "1.16.9": {
                "source": {
                    "48799": "https://github.com/golang/go/issues/48799"
                }
            }
        }
    },
    "CVE-2021-39293": {
        "CVE-ID": "CVE-2021-39293",
        "NVD": {
            "Descriptions": "In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely designating that many files are present) can cause a NewReader or OpenReader panic. NOTE: this issue exists because of an incomplete fix for CVE-2021-33196.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:netapp:cloud_insights_telegraf:-",
                    "FormattedString": "cpe:2.3:a:netapp:cloud_insights_telegraf:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.16.8",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.17.0",
                    "VersionEndExcluding": "1.17.1",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "NOT_IN_MILESTONE": {
                "source": {
                    "47801": "https://github.com/golang/go/issues/47801"
                }
            },
            "1.16.8": {
                "source": {
                    "47985": "https://github.com/golang/go/issues/47985"
                }
            },
            "1.17.1": {
                "source": {
                    "47986": "https://github.com/golang/go/issues/47986"
                }
            }
        }
    },
    "CVE-2021-41771": {
        "CVE-ID": "CVE-2021-41771",
        "NVD": {
            "Descriptions": "ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:35",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:34",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.16.10",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.17.0",
                    "VersionEndExcluding": "1.17.3",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.18": {
                "source": {
                    "48990": "https://github.com/golang/go/issues/48990"
                }
            },
            "1.17.3": {
                "source": {
                    "48992": "https://github.com/golang/go/issues/48992"
                }
            },
            "1.16.10": {
                "source": {
                    "48991": "https://github.com/golang/go/issues/48991"
                }
            }
        }
    },
    "CVE-2021-41772": {
        "CVE-ID": "CVE-2021-41772",
        "NVD": {
            "Descriptions": "Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:35",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:34",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:timesten_in-memory_database:-",
                    "FormattedString": "cpe:2.3:a:oracle:timesten_in-memory_database:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.16.10",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.17.0",
                    "VersionEndExcluding": "1.17.3",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.18": {
                "source": {
                    "48085": "https://github.com/golang/go/issues/48085"
                }
            },
            "1.17.3": {
                "source": {
                    "48252": "https://github.com/golang/go/issues/48252"
                }
            },
            "1.16.10": {
                "source": {
                    "48251": "https://github.com/golang/go/issues/48251"
                }
            }
        }
    },
    "CVE-2021-44716": {
        "CVE-ID": "CVE-2021-44716",
        "NVD": {
            "Descriptions": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:cloud_insights_telegraf:-",
                    "FormattedString": "cpe:2.3:a:netapp:cloud_insights_telegraf:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.16.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.17.0",
                    "VersionEndExcluding": "1.17.5",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.18": {
                "source": {
                    "50058": "https://github.com/golang/go/issues/50058"
                }
            },
            "1.16.12": {
                "source": {
                    "50064": "https://github.com/golang/go/issues/50064"
                }
            },
            "1.17.5": {
                "source": {
                    "50065": "https://github.com/golang/go/issues/50065"
                }
            }
        }
    },
    "CVE-2021-44717": {
        "CVE-ID": "CVE-2021-44717",
        "NVD": {
            "Descriptions": "Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.",
            "Cvss2_BaseScore": 5.8,
            "Cvss3_BaseScore": 4.8,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.16.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.17.0",
                    "VersionEndExcluding": "1.17.5",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.18": {
                "source": {
                    "50057": "https://github.com/golang/go/issues/50057"
                }
            },
            "1.16.12": {
                "source": {
                    "50066": "https://github.com/golang/go/issues/50066"
                }
            },
            "1.17.5": {
                "source": {
                    "50067": "https://github.com/golang/go/issues/50067"
                }
            }
        }
    },
    "CVE-2022-1705": {
        "CVE-ID": "CVE-2022-1705",
        "NVD": {
            "Descriptions": "Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 6.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.18.0",
                    "VersionEndExcluding": "1.18.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.19": {
                "source": {
                    "53188": "https://github.com/golang/go/issues/53188"
                }
            },
            "1.17.12": {
                "source": {
                    "53432": "https://github.com/golang/go/issues/53432"
                }
            },
            "1.18.4": {
                "source": {
                    "53433": "https://github.com/golang/go/issues/53433"
                }
            }
        }
    },
    "CVE-2022-1962": {
        "CVE-ID": "CVE-2022-1962",
        "NVD": {
            "Descriptions": "Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 5.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.18.0",
                    "VersionEndExcluding": "1.18.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.19": {
                "source": {
                    "53616": "https://github.com/golang/go/issues/53616"
                }
            },
            "1.17.12": {
                "source": {
                    "53707": "https://github.com/golang/go/issues/53707"
                }
            },
            "1.18.4": {
                "source": {
                    "53708": "https://github.com/golang/go/issues/53708"
                }
            },
            "1.24": {
                "source": {
                    "69138": "https://github.com/golang/go/issues/69138"
                }
            },
            "1.22.7": {
                "source": {
                    "69142": "https://github.com/golang/go/issues/69142"
                }
            },
            "1.23.1": {
                "source": {
                    "69143": "https://github.com/golang/go/issues/69143"
                }
            }
        }
    },
    "CVE-2022-23772": {
        "CVE-ID": "CVE-2022-23772",
        "NVD": {
            "Descriptions": "Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.",
            "Cvss2_BaseScore": 7.8,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:storagegrid:-",
                    "FormattedString": "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:kubernetes_monitoring_operator:-",
                    "FormattedString": "cpe:2.3:a:netapp:kubernetes_monitoring_operator:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:cloud_insights_telegraf_agent:-",
                    "FormattedString": "cpe:2.3:a:netapp:cloud_insights_telegraf_agent:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:beegfs_csi_driver:-",
                    "FormattedString": "cpe:2.3:a:netapp:beegfs_csi_driver:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.16.14",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.17.0",
                    "VersionEndExcluding": "1.17.7",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.18": {
                "source": {
                    "50699": "https://github.com/golang/go/issues/50699"
                }
            },
            "1.17.7": {
                "source": {
                    "50701": "https://github.com/golang/go/issues/50701"
                }
            },
            "1.16.14": {
                "source": {
                    "50700": "https://github.com/golang/go/issues/50700"
                }
            }
        }
    },
    "CVE-2022-23773": {
        "CVE-ID": "CVE-2022-23773",
        "NVD": {
            "Descriptions": "cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:netapp:storagegrid:-",
                    "FormattedString": "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:kubernetes_monitoring_operator:-",
                    "FormattedString": "cpe:2.3:a:netapp:kubernetes_monitoring_operator:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:cloud_insights_telegraf_agent:-",
                    "FormattedString": "cpe:2.3:a:netapp:cloud_insights_telegraf_agent:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:beegfs_csi_driver:-",
                    "FormattedString": "cpe:2.3:a:netapp:beegfs_csi_driver:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.16.14",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.17.0",
                    "VersionEndExcluding": "1.17.7",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.18": {
                "source": {
                    "35671": "https://github.com/golang/go/issues/35671"
                }
            },
            "1.17.7": {
                "source": {
                    "50687": "https://github.com/golang/go/issues/50687"
                }
            },
            "1.16.14": {
                "source": {
                    "50686": "https://github.com/golang/go/issues/50686"
                }
            }
        }
    },
    "CVE-2022-23806": {
        "CVE-ID": "CVE-2022-23806",
        "NVD": {
            "Descriptions": "Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.",
            "Cvss2_BaseScore": 6.4,
            "Cvss3_BaseScore": 9.1,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:storagegrid:-",
                    "FormattedString": "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:kubernetes_monitoring_operator:-",
                    "FormattedString": "cpe:2.3:a:netapp:kubernetes_monitoring_operator:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:cloud_insights_telegraf_agent:-",
                    "FormattedString": "cpe:2.3:a:netapp:cloud_insights_telegraf_agent:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:beegfs_csi_driver:-",
                    "FormattedString": "cpe:2.3:a:netapp:beegfs_csi_driver:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.16.14",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.17.0",
                    "VersionEndExcluding": "1.17.7",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.18": {
                "source": {
                    "50974": "https://github.com/golang/go/issues/50974"
                }
            },
            "1.17.7": {
                "source": {
                    "50978": "https://github.com/golang/go/issues/50978"
                }
            },
            "1.16.14": {
                "source": {
                    "50977": "https://github.com/golang/go/issues/50977"
                }
            }
        }
    },
    "CVE-2022-24675": {
        "CVE-ID": "CVE-2022-24675",
        "NVD": {
            "Descriptions": "encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:36",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:35",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:34",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:kubernetes_monitoring_operator:-",
                    "FormattedString": "cpe:2.3:a:netapp:kubernetes_monitoring_operator:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17.9",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.18.0",
                    "VersionEndExcluding": "1.18.1",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.19": {
                "source": {
                    "51853": "https://github.com/golang/go/issues/51853"
                }
            },
            "1.18.1": {
                "source": {
                    "52037": "https://github.com/golang/go/issues/52037"
                }
            },
            "1.17.9": {
                "source": {
                    "52036": "https://github.com/golang/go/issues/52036"
                }
            }
        }
    },
    "CVE-2022-24921": {
        "CVE-ID": "CVE-2022-24921",
        "NVD": {
            "Descriptions": "regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:astra_trident:-",
                    "FormattedString": "cpe:2.3:a:netapp:astra_trident:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.16.15",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.17",
                    "VersionEndExcluding": "1.17.8",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.18": {
                "source": {
                    "51112": "https://github.com/golang/go/issues/51112"
                }
            },
            "1.16.15": {
                "source": {
                    "51117": "https://github.com/golang/go/issues/51117"
                }
            },
            "1.17.8": {
                "source": {
                    "51118": "https://github.com/golang/go/issues/51118"
                }
            }
        }
    },
    "CVE-2022-27536": {
        "CVE-ID": "CVE-2022-27536",
        "NVD": {
            "Descriptions": "Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.18.0",
                    "VersionEndExcluding": "1.18.1",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.18.1": {
                "source": {
                    "51763": "https://github.com/golang/go/issues/51763"
                }
            },
            "1.19": {
                "source": {
                    "51759": "https://github.com/golang/go/issues/51759"
                }
            }
        }
    },
    "CVE-2022-27664": {
        "CVE-ID": "CVE-2022-27664",
        "NVD": {
            "Descriptions": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:37",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:36",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.19.0",
                    "FormattedString": "cpe:2.3:a:golang:go:1.19.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.18.6",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.20": {
                "source": {
                    "54658": "https://github.com/golang/go/issues/54658"
                }
            },
            "1.19.1": {
                "source": {
                    "54376": "https://github.com/golang/go/issues/54376"
                }
            },
            "1.18.6": {
                "source": {
                    "53977": "https://github.com/golang/go/issues/53977"
                }
            }
        }
    },
    "CVE-2022-28131": {
        "CVE-ID": "CVE-2022-28131",
        "NVD": {
            "Descriptions": "Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:35",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:cloud_insights_telegraf:-",
                    "FormattedString": "cpe:2.3:a:netapp:cloud_insights_telegraf:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.18.0",
                    "VersionEndExcluding": "1.18.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.19": {
                "source": {
                    "53614": "https://github.com/golang/go/issues/53614"
                }
            },
            "1.17.12": {
                "source": {
                    "53711": "https://github.com/golang/go/issues/53711"
                }
            },
            "1.18.4": {
                "source": {
                    "53712": "https://github.com/golang/go/issues/53712"
                }
            }
        }
    },
    "CVE-2022-28327": {
        "CVE-ID": "CVE-2022-28327",
        "NVD": {
            "Descriptions": "The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:36",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:35",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:34",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17.9",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.18.0",
                    "VersionEndExcluding": "1.18.1",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:fedoraproject:extra_packages_for_enterprise_linux:8.0",
                    "FormattedString": "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:fedoraproject:extra_packages_for_enterprise_linux:7.0",
                    "FormattedString": "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:7.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.18.1": {
                "source": {
                    "52077": "https://github.com/golang/go/issues/52077"
                }
            },
            "1.17.9": {
                "source": {
                    "52076": "https://github.com/golang/go/issues/52076"
                }
            },
            "1.19": {
                "source": {
                    "52075": "https://github.com/golang/go/issues/52075"
                }
            }
        }
    },
    "CVE-2022-2879": {
        "CVE-ID": "CVE-2022-2879",
        "NVD": {
            "Descriptions": "Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.18.7",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.19.0",
                    "VersionEndExcluding": "1.19.2",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.20": {
                "source": {
                    "54853": "https://github.com/golang/go/issues/54853"
                }
            },
            "1.18.7": {
                "source": {
                    "55925": "https://github.com/golang/go/issues/55925"
                }
            },
            "1.19.2": {
                "source": {
                    "55926": "https://github.com/golang/go/issues/55926"
                }
            }
        }
    },
    "CVE-2022-2880": {
        "CVE-ID": "CVE-2022-2880",
        "NVD": {
            "Descriptions": "Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparsable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.18.7",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.19.0",
                    "VersionEndExcluding": "1.19.2",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.20": {
                "source": {
                    "54663": "https://github.com/golang/go/issues/54663"
                }
            },
            "1.18.7": {
                "source": {
                    "55842": "https://github.com/golang/go/issues/55842"
                }
            },
            "1.19.2": {
                "source": {
                    "55843": "https://github.com/golang/go/issues/55843"
                }
            }
        }
    },
    "CVE-2022-29526": {
        "CVE-ID": "CVE-2022-29526",
        "NVD": {
            "Descriptions": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.",
            "Cvss2_BaseScore": 5,
            "Cvss3_BaseScore": 5.3,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:36",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:35",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:beegfs_csi_driver:-",
                    "FormattedString": "cpe:2.3:a:netapp:beegfs_csi_driver:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17.10",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.18.0",
                    "VersionEndExcluding": "1.18.2",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.19": {
                "source": {
                    "52313": "https://github.com/golang/go/issues/52313"
                }
            },
            "1.18.2": {
                "source": {
                    "52440": "https://github.com/golang/go/issues/52440"
                }
            },
            "1.17.10": {
                "source": {
                    "52439": "https://github.com/golang/go/issues/52439"
                }
            }
        }
    },
    "CVE-2022-29804": {
        "CVE-ID": "CVE-2022-29804",
        "NVD": {
            "Descriptions": "Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go 1.17.11 and Go 1.18.3 on Windows allows potential directory traversal attack.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17.11",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.18.0",
                    "VersionEndExcluding": "1.18.3",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.19": {
                "source": {
                    "52476": "https://github.com/golang/go/issues/52476"
                }
            },
            "1.18.3": {
                "source": {
                    "52479": "https://github.com/golang/go/issues/52479"
                }
            },
            "1.17.11": {
                "source": {
                    "52478": "https://github.com/golang/go/issues/52478"
                }
            }
        }
    },
    "CVE-2022-30580": {
        "CVE-ID": "CVE-2022-30580",
        "NVD": {
            "Descriptions": "Code injection in Cmd.Start in os/exec before Go 1.17.11 and Go 1.18.3 allows execution of any binaries in the working directory named either \"..com\" or \"..exe\" by calling Cmd.Run, Cmd.Start, Cmd.Output, or Cmd.CombinedOutput when Cmd.Path is unset.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.8,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17.11",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.18.0",
                    "VersionEndExcluding": "1.18.3",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.19": {
                "source": {
                    "52574": "https://github.com/golang/go/issues/52574"
                }
            },
            "1.18.3": {
                "source": {
                    "53057": "https://github.com/golang/go/issues/53057"
                }
            },
            "1.17.11": {
                "source": {
                    "53056": "https://github.com/golang/go/issues/53056"
                }
            }
        }
    },
    "CVE-2022-30629": {
        "CVE-ID": "CVE-2022-30629",
        "NVD": {
            "Descriptions": "Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 3.1,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17.11",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.18.0",
                    "VersionEndExcluding": "1.18.3",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.19": {
                "source": {
                    "52814": "https://github.com/golang/go/issues/52814"
                }
            },
            "1.18.3": {
                "source": {
                    "52833": "https://github.com/golang/go/issues/52833"
                }
            },
            "1.17.11": {
                "source": {
                    "52832": "https://github.com/golang/go/issues/52832"
                }
            }
        }
    },
    "CVE-2022-30630": {
        "CVE-ID": "CVE-2022-30630",
        "NVD": {
            "Descriptions": "Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.18.0",
                    "VersionEndExcluding": "1.18.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.19": {
                "source": {
                    "53415": "https://github.com/golang/go/issues/53415"
                }
            },
            "1.17.12": {
                "source": {
                    "53719": "https://github.com/golang/go/issues/53719"
                }
            },
            "1.18.4": {
                "source": {
                    "53720": "https://github.com/golang/go/issues/53720"
                }
            }
        }
    },
    "CVE-2022-30631": {
        "CVE-ID": "CVE-2022-30631",
        "NVD": {
            "Descriptions": "Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.18.0",
                    "VersionEndExcluding": "1.18.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.19": {
                "source": {
                    "53168": "https://github.com/golang/go/issues/53168"
                }
            },
            "1.17.12": {
                "source": {
                    "53717": "https://github.com/golang/go/issues/53717"
                }
            },
            "1.18.4": {
                "source": {
                    "53718": "https://github.com/golang/go/issues/53718"
                }
            }
        }
    },
    "CVE-2022-30632": {
        "CVE-ID": "CVE-2022-30632",
        "NVD": {
            "Descriptions": "Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.18.0",
                    "VersionEndExcluding": "1.18.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.19": {
                "source": {
                    "53416": "https://github.com/golang/go/issues/53416"
                }
            },
            "1.17.12": {
                "source": {
                    "53713": "https://github.com/golang/go/issues/53713"
                }
            },
            "1.18.4": {
                "source": {
                    "53714": "https://github.com/golang/go/issues/53714"
                }
            }
        }
    },
    "CVE-2022-30633": {
        "CVE-ID": "CVE-2022-30633",
        "NVD": {
            "Descriptions": "Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.18.0",
                    "VersionEndExcluding": "1.18.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.19": {
                "source": {
                    "53611": "https://github.com/golang/go/issues/53611"
                }
            },
            "1.17.12": {
                "source": {
                    "53715": "https://github.com/golang/go/issues/53715"
                }
            },
            "1.18.4": {
                "source": {
                    "53716": "https://github.com/golang/go/issues/53716"
                }
            }
        }
    },
    "CVE-2022-30634": {
        "CVE-ID": "CVE-2022-30634",
        "NVD": {
            "Descriptions": "Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:netapp:cloud_insights_telegraf_agent:-",
                    "FormattedString": "cpe:2.3:a:netapp:cloud_insights_telegraf_agent:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17.11",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.18.0",
                    "VersionEndExcluding": "1.18.3",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.19": {
                "source": {
                    "52561": "https://github.com/golang/go/issues/52561"
                }
            },
            "1.18.3": {
                "source": {
                    "52933": "https://github.com/golang/go/issues/52933"
                }
            },
            "1.17.11": {
                "source": {
                    "52932": "https://github.com/golang/go/issues/52932"
                }
            }
        }
    },
    "CVE-2022-30635": {
        "CVE-ID": "CVE-2022-30635",
        "NVD": {
            "Descriptions": "Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.18.0",
                    "VersionEndExcluding": "1.18.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.19": {
                "source": {
                    "53615": "https://github.com/golang/go/issues/53615"
                }
            },
            "1.17.12": {
                "source": {
                    "53709": "https://github.com/golang/go/issues/53709"
                }
            },
            "1.18.4": {
                "source": {
                    "53710": "https://github.com/golang/go/issues/53710"
                }
            },
            "1.24": {
                "source": {
                    "69139": "https://github.com/golang/go/issues/69139"
                }
            },
            "1.22.7": {
                "source": {
                    "69144": "https://github.com/golang/go/issues/69144"
                }
            },
            "1.23.1": {
                "source": {
                    "69145": "https://github.com/golang/go/issues/69145"
                }
            }
        }
    },
    "CVE-2022-32148": {
        "CVE-ID": "CVE-2022-32148",
        "NVD": {
            "Descriptions": "Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 6.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.18.0",
                    "VersionEndExcluding": "1.18.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.19": {
                "source": {
                    "53423": "https://github.com/golang/go/issues/53423"
                }
            },
            "1.17.12": {
                "source": {
                    "53620": "https://github.com/golang/go/issues/53620"
                }
            },
            "1.18.4": {
                "source": {
                    "53621": "https://github.com/golang/go/issues/53621"
                }
            }
        }
    },
    "CVE-2022-32189": {
        "CVE-ID": "CVE-2022-32189",
        "NVD": {
            "Descriptions": "A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17.13",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.18.0",
                    "VersionEndExcluding": "1.18.5",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.19": {
                "source": {
                    "53871": "https://github.com/golang/go/issues/53871"
                }
            },
            "1.18.5": {
                "source": {
                    "54095": "https://github.com/golang/go/issues/54095"
                }
            },
            "1.17.13": {
                "source": {
                    "54094": "https://github.com/golang/go/issues/54094"
                }
            }
        }
    },
    "CVE-2022-32190": {
        "CVE-ID": "CVE-2022-32190",
        "NVD": {
            "Descriptions": "JoinPath and URL.JoinPath do not remove ../ path elements appended to a relative path. For example, JoinPath(\"https://go.dev\", \"../go\") returns the URL \"https://go.dev/../go\", despite the JoinPath documentation stating that ../ path elements are removed from the result.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go:1.19.0:rc2",
                    "FormattedString": "cpe:2.3:a:golang:go:1.19.0:rc2:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.19.0:rc1",
                    "FormattedString": "cpe:2.3:a:golang:go:1.19.0:rc1:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.19.0:beta1",
                    "FormattedString": "cpe:2.3:a:golang:go:1.19.0:beta1:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.19.0:-",
                    "FormattedString": "cpe:2.3:a:golang:go:1.19.0:-:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.20": {
                "source": {
                    "54385": "https://github.com/golang/go/issues/54385"
                }
            },
            "1.19.1": {
                "source": {
                    "54635": "https://github.com/golang/go/issues/54635"
                }
            },
            "1.18.6": {
                "source": {
                    "54634": "https://github.com/golang/go/issues/54634"
                }
            }
        }
    },
    "CVE-2022-41715": {
        "CVE-ID": "CVE-2022-41715",
        "NVD": {
            "Descriptions": "Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.18.7",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.19.0",
                    "VersionEndExcluding": "1.19.2",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.20": {
                "source": {
                    "55949": "https://github.com/golang/go/issues/55949"
                }
            },
            "1.18.7": {
                "source": {
                    "55950": "https://github.com/golang/go/issues/55950"
                }
            },
            "1.19.2": {
                "source": {
                    "55951": "https://github.com/golang/go/issues/55951"
                }
            }
        }
    },
    "CVE-2022-41716": {
        "CVE-ID": "CVE-2022-41716",
        "NVD": {
            "Descriptions": "Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavior to set a value for a different environment variable. For example, the environment variable string \"A=B\\x00C=D\" sets the variables \"A=B\" and \"C=D\".",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.18.8",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.19.0",
                    "VersionEndExcluding": "1.19.3",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.20": {
                "source": {
                    "56284": "https://github.com/golang/go/issues/56284"
                }
            },
            "1.19.3": {
                "source": {
                    "56328": "https://github.com/golang/go/issues/56328"
                }
            },
            "1.18.8": {
                "source": {
                    "56327": "https://github.com/golang/go/issues/56327"
                }
            }
        }
    },
    "CVE-2022-41717": {
        "CVE-ID": "CVE-2022-41717",
        "NVD": {
            "Descriptions": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 5.3,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:38",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:37",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:http2:::~~~go~~",
                    "FormattedString": "cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "0.4.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.18.9",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.19.0",
                    "VersionEndExcluding": "1.19.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.20": {
                "source": {
                    "56350": "https://github.com/golang/go/issues/56350"
                }
            },
            "1.19.4": {
                "source": {
                    "57009": "https://github.com/golang/go/issues/57009"
                }
            },
            "1.18.9": {
                "source": {
                    "57008": "https://github.com/golang/go/issues/57008"
                }
            }
        }
    },
    "CVE-2022-41720": {
        "CVE-ID": "CVE-2022-41720",
        "NVD": {
            "Descriptions": "On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS(\"C:/tmp\").Open(\"COM1\") opens the COM1 device. Both os.DirFS and http.Dir only provide read-only filesystem access. In addition, on Windows, an os.DirFS for the directory (the root of the current drive) can permit a maliciously crafted path to escape from the drive and access any path on the system. With fix applied, the behavior of os.DirFS(\"\") has changed. Previously, an empty root was treated equivalently to \"/\", so os.DirFS(\"\").Open(\"tmp\") would open the path \"/tmp\". This now returns an error.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.18.9",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.19.0",
                    "VersionEndExcluding": "1.19.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.20": {
                "source": {
                    "56694": "https://github.com/golang/go/issues/56694"
                }
            },
            "1.19.4": {
                "source": {
                    "57006": "https://github.com/golang/go/issues/57006"
                }
            },
            "1.18.9": {
                "source": {
                    "57005": "https://github.com/golang/go/issues/57005"
                }
            }
        }
    },
    "CVE-2022-41722": {
        "CVE-ID": "CVE-2022-41722",
        "NVD": {
            "Descriptions": "A path traversal vulnerability exists in filepath.Clean on Windows. On Windows, the filepath.Clean function could transform an invalid path such as \"a/../c:/b\" into the valid path \"c:\\b\". This transformation of a relative (if invalid) path into an absolute path could enable a directory traversal attack. After fix, the filepath.Clean function transforms this path into the relative (but still invalid) path \".\\c:\\b\".",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go:1.20.0:-",
                    "FormattedString": "cpe:2.3:a:golang:go:1.20.0:-:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.19.6",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.21": {
                "source": {
                    "57274": "https://github.com/golang/go/issues/57274"
                }
            },
            "1.19.6": {
                "source": {
                    "57275": "https://github.com/golang/go/issues/57275"
                }
            },
            "1.20.1": {
                "source": {
                    "57276": "https://github.com/golang/go/issues/57276"
                }
            }
        }
    },
    "CVE-2022-41723": {
        "CVE-ID": "CVE-2022-41723",
        "NVD": {
            "Descriptions": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:http2:::~~~go~~",
                    "FormattedString": "cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "0.7.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:hpack:::~~~go~~",
                    "FormattedString": "cpe:2.3:a:golang:hpack:*:*:*:*:*:go:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "0.7.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.20.0:-",
                    "FormattedString": "cpe:2.3:a:golang:go:1.20.0:-:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.19.6",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.21": {
                "source": {
                    "57855": "https://github.com/golang/go/issues/57855"
                }
            },
            "1.19.6": {
                "source": {
                    "58355": "https://github.com/golang/go/issues/58355"
                }
            },
            "1.20.1": {
                "source": {
                    "58356": "https://github.com/golang/go/issues/58356"
                }
            }
        }
    },
    "CVE-2022-41724": {
        "CVE-ID": "CVE-2022-41724",
        "NVD": {
            "Descriptions": "Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client certificates (by setting Config.ClientAuth >= RequestClientCert).",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go:1.20.0:rc3",
                    "FormattedString": "cpe:2.3:a:golang:go:1.20.0:rc3:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.20.0:rc2",
                    "FormattedString": "cpe:2.3:a:golang:go:1.20.0:rc2:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.20.0:rc1",
                    "FormattedString": "cpe:2.3:a:golang:go:1.20.0:rc1:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.20.0:-",
                    "FormattedString": "cpe:2.3:a:golang:go:1.20.0:-:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.19.6",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.21": {
                "source": {
                    "58001": "https://github.com/golang/go/issues/58001"
                }
            },
            "1.19.6": {
                "source": {
                    "58358": "https://github.com/golang/go/issues/58358"
                }
            },
            "1.20.1": {
                "source": {
                    "58359": "https://github.com/golang/go/issues/58359"
                }
            }
        }
    },
    "CVE-2022-41725": {
        "CVE-ID": "CVE-2022-41725",
        "NVD": {
            "Descriptions": "A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package with the Request methods FormFile, FormValue, ParseMultipartForm, and PostFormValue. ReadForm takes a maxMemory parameter, and is documented as storing \"up to maxMemory bytes +10MB (reserved for non-file parts) in memory\". File parts which cannot be stored in memory are stored on disk in temporary files. The unconfigurable 10MB reserved for non-file parts is excessively large and can potentially open a denial of service vector on its own. However, ReadForm did not properly account for all memory consumed by a parsed form, such as map entry overhead, part names, and MIME headers, permitting a maliciously crafted form to consume well over 10MB. In addition, ReadForm contained no limit on the number of disk files created, permitting a relatively small request body to create a large number of disk temporary files. With fix, ReadForm now properly accounts for various forms of memory overhead, and should now stay within its documented limit of 10MB + maxMemory bytes of memory consumption. Users should still be aware that this limit is high and may still be hazardous. In addition, ReadForm now creates at most one on-disk temporary file, combining multiple form parts into a single temporary file. The mime/multipart.File interface type's documentation states, \"If stored on disk, the File's underlying concrete type will be an *os.File.\". This is no longer the case when a form contains more than one file part, due to this coalescing of parts into a single file. The previous behavior of using distinct files for each form part may be reenabled with the environment variable GODEBUG=multipartfiles=distinct. Users should be aware that multipart.ReadForm and the http.Request methods that call it do not limit the amount of disk consumed by temporary files. Callers can limit the size of form data with http.MaxBytesReader.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go:1.20.0:rc3",
                    "FormattedString": "cpe:2.3:a:golang:go:1.20.0:rc3:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.20.0:rc2",
                    "FormattedString": "cpe:2.3:a:golang:go:1.20.0:rc2:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.20.0:rc1",
                    "FormattedString": "cpe:2.3:a:golang:go:1.20.0:rc1:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.20.0:-",
                    "FormattedString": "cpe:2.3:a:golang:go:1.20.0:-:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.19.6",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.21": {
                "source": {
                    "58006": "https://github.com/golang/go/issues/58006"
                }
            },
            "1.19.6": {
                "source": {
                    "58362": "https://github.com/golang/go/issues/58362"
                }
            },
            "1.20.1": {
                "source": {
                    "58363": "https://github.com/golang/go/issues/58363"
                }
            }
        }
    },
    "CVE-2023-24532": {
        "CVE-ID": "CVE-2023-24532",
        "NVD": {
            "Descriptions": "The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve). This does not impact usages of crypto/ecdsa or crypto/ecdh.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 5.3,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.19.7",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.20.0",
                    "VersionEndExcluding": "1.20.2",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.21": {
                "source": {
                    "58647": "https://github.com/golang/go/issues/58647"
                }
            },
            "1.19.7": {
                "source": {
                    "58719": "https://github.com/golang/go/issues/58719"
                }
            },
            "1.20.2": {
                "source": {
                    "58720": "https://github.com/golang/go/issues/58720"
                }
            }
        }
    },
    "CVE-2023-24534": {
        "CVE-ID": "CVE-2023-24534",
        "NVD": {
            "Descriptions": "HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial of service. Certain unusual patterns of input data can cause the common function used to parse HTTP and MIME headers to allocate substantially more memory than required to hold the parsed headers. An attacker can exploit this behavior to cause an HTTP server to allocate large amounts of memory from a small request, potentially leading to memory exhaustion and a denial of service. With fix, header parsing now correctly allocates only the memory required to hold parsed headers.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.19.8",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.20.0",
                    "VersionEndExcluding": "1.20.3",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.21": {
                "source": {
                    "58975": "https://github.com/golang/go/issues/58975"
                }
            },
            "1.19.8": {
                "source": {
                    "59267": "https://github.com/golang/go/issues/59267"
                }
            },
            "1.20.3": {
                "source": {
                    "59268": "https://github.com/golang/go/issues/59268"
                }
            }
        }
    },
    "CVE-2023-24536": {
        "CVE-ID": "CVE-2023-24536",
        "NVD": {
            "Descriptions": "Multipart form parsing can consume large amounts of CPU and memory when processing form inputs containing very large numbers of parts. This stems from several causes: 1. mime/multipart.Reader.ReadForm limits the total memory a parsed multipart form can consume. ReadForm can undercount the amount of memory consumed, leading it to accept larger inputs than intended. 2. Limiting total memory does not account for increased pressure on the garbage collector from large numbers of small allocations in forms with many parts. 3. ReadForm can allocate a large number of short-lived buffers, further increasing pressure on the garbage collector. The combination of these factors can permit an attacker to cause an program that parses multipart forms to consume large amounts of CPU and memory, potentially resulting in a denial of service. This affects programs that use mime/multipart.Reader.ReadForm, as well as form parsing in the net/http package with the Request methods FormFile, FormValue, ParseMultipartForm, and PostFormValue. With fix, ReadForm now does a better job of estimating the memory consumption of parsed forms, and performs many fewer short-lived allocations. In addition, the fixed mime/multipart.Reader imposes the following limits on the size of parsed forms: 1. Forms parsed with ReadForm may contain no more than 1000 parts. This limit may be adjusted with the environment variable GODEBUG=multipartmaxparts=. 2. Form parts parsed with NextPart and NextRawPart may contain no more than 10,000 header fields. In addition, forms parsed with ReadForm may contain no more than 10,000 header fields across all parts. This limit may be adjusted with the environment variable GODEBUG=multipartmaxheaders=.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.19.8",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.20.0",
                    "VersionEndExcluding": "1.20.3",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.21": {
                "source": {
                    "59153": "https://github.com/golang/go/issues/59153"
                }
            },
            "1.19.8": {
                "source": {
                    "59269": "https://github.com/golang/go/issues/59269"
                }
            },
            "1.20.3": {
                "source": {
                    "59270": "https://github.com/golang/go/issues/59270"
                }
            }
        }
    },
    "CVE-2023-24537": {
        "CVE-ID": "CVE-2023-24537",
        "NVD": {
            "Descriptions": "Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.19.8",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.20.0",
                    "VersionEndExcluding": "1.20.3",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.21": {
                "source": {
                    "59180": "https://github.com/golang/go/issues/59180"
                }
            },
            "1.19.8": {
                "source": {
                    "59273": "https://github.com/golang/go/issues/59273"
                }
            },
            "1.20.3": {
                "source": {
                    "59274": "https://github.com/golang/go/issues/59274"
                }
            }
        }
    },
    "CVE-2023-24538": {
        "CVE-ID": "CVE-2023-24538",
        "NVD": {
            "Descriptions": "Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to terminate the literal, injecting arbitrary Javascript code into the Go template. As ES6 template literals are rather complex, and themselves can do string interpolation, the decision was made to simply disallow Go template actions from being used inside of them (e.g. \"var a = {{.}}\"), since there is no obviously safe way to allow this behavior. This takes the same approach as github.com/google/safehtml. With fix, Template.Parse returns an Error when it encounters templates like this, with an ErrorCode of value 12. This ErrorCode is currently unexported, but will be exported in the release of Go 1.21. Users who rely on the previous behavior can re-enable it using the GODEBUG flag jstmpllitinterp=1, with the caveat that backticks will now be escaped. This should be used with caution.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 9.8,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.19.8",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.20.0",
                    "VersionEndExcluding": "1.20.3",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.21": {
                "source": {
                    "59234": "https://github.com/golang/go/issues/59234"
                }
            },
            "1.19.8": {
                "source": {
                    "59271": "https://github.com/golang/go/issues/59271"
                }
            },
            "1.20.3": {
                "source": {
                    "59272": "https://github.com/golang/go/issues/59272"
                }
            }
        }
    },
    "CVE-2023-24539": {
        "CVE-ID": "CVE-2023-24539",
        "NVD": {
            "Descriptions": "Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.3,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.19.9",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.20.0",
                    "VersionEndExcluding": "1.20.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.21": {
                "source": {
                    "59720": "https://github.com/golang/go/issues/59720"
                }
            },
            "1.20.4": {
                "source": {
                    "59812": "https://github.com/golang/go/issues/59812"
                }
            },
            "1.19.9": {
                "source": {
                    "59811": "https://github.com/golang/go/issues/59811"
                }
            }
        }
    },
    "CVE-2023-24540": {
        "CVE-ID": "CVE-2023-24540",
        "NVD": {
            "Descriptions": "Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set \"\\t\\n\\f\\r\\u0020\\u2028\\u2029\" in JavaScript contexts that also contain actions may not be properly sanitized during execution.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 9.8,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.19.9",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.20.0",
                    "VersionEndExcluding": "1.20.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.21": {
                "source": {
                    "59721": "https://github.com/golang/go/issues/59721"
                }
            },
            "1.20.4": {
                "source": {
                    "59814": "https://github.com/golang/go/issues/59814"
                }
            },
            "1.19.9": {
                "source": {
                    "59813": "https://github.com/golang/go/issues/59813"
                }
            }
        }
    },
    "CVE-2023-29400": {
        "CVE-ID": "CVE-2023-29400",
        "NVD": {
            "Descriptions": "Templates containing actions in unquoted HTML attributes (e.g. \"attr={{.}}\") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.3,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.19.9",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.20.0",
                    "VersionEndExcluding": "1.20.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.21": {
                "source": {
                    "59722": "https://github.com/golang/go/issues/59722"
                }
            },
            "1.20.4": {
                "source": {
                    "59816": "https://github.com/golang/go/issues/59816"
                }
            },
            "1.19.9": {
                "source": {
                    "59815": "https://github.com/golang/go/issues/59815"
                }
            }
        }
    },
    "CVE-2023-29402": {
        "CVE-ID": "CVE-2023-29402",
        "NVD": {
            "Descriptions": "The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved using the go command, i.e. via \"go get\", are not affected (modules retrieved using GOPATH-mode, i.e. GO111MODULE=off, may be affected).",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 9.8,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:38",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.19.10",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.20.0",
                    "VersionEndExcluding": "1.20.5",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.21": {
                "source": {
                    "60167": "https://github.com/golang/go/issues/60167"
                }
            },
            "1.20.5": {
                "source": {
                    "60516": "https://github.com/golang/go/issues/60516"
                }
            },
            "1.19.10": {
                "source": {
                    "60515": "https://github.com/golang/go/issues/60515"
                }
            }
        }
    },
    "CVE-2023-29403": {
        "CVE-ID": "CVE-2023-29403",
        "NVD": {
            "Descriptions": "On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I/O file descriptors closed, opening any files can result in unexpected content being read or written with elevated privileges. Similarly, if a setuid/setgid program is terminated, either via panic or signal, it may leak the contents of its registers.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.8,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:38",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.19.10",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.20.0",
                    "VersionEndExcluding": "1.20.5",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.21": {
                "source": {
                    "60272": "https://github.com/golang/go/issues/60272"
                }
            },
            "1.20.5": {
                "source": {
                    "60518": "https://github.com/golang/go/issues/60518"
                }
            },
            "1.19.10": {
                "source": {
                    "60517": "https://github.com/golang/go/issues/60517"
                }
            }
        }
    },
    "CVE-2023-29404": {
        "CVE-ID": "CVE-2023-29404",
        "NVD": {
            "Descriptions": "The go command may execute arbitrary code at build time when using cgo. This may occur when running \"go get\" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a \"#cgo LDFLAGS\" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 9.8,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:38",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.19.10",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.20.0",
                    "VersionEndExcluding": "1.20.5",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.21": {
                "source": {
                    "60305": "https://github.com/golang/go/issues/60305",
                    "60306": "https://github.com/golang/go/issues/60306"
                }
            },
            "1.20.5": {
                "source": {
                    "60512": "https://github.com/golang/go/issues/60512",
                    "60514": "https://github.com/golang/go/issues/60514"
                }
            },
            "1.19.10": {
                "source": {
                    "60511": "https://github.com/golang/go/issues/60511",
                    "60513": "https://github.com/golang/go/issues/60513"
                }
            }
        }
    },
    "CVE-2023-29405": {
        "CVE-ID": "CVE-2023-29405",
        "NVD": {
            "Descriptions": "The go command may execute arbitrary code at build time when using cgo. This may occur when running \"go get\" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a \"#cgo LDFLAGS\" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 9.8,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:38",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.19.10",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.20.0",
                    "VersionEndExcluding": "1.20.5",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.21": {
                "source": {
                    "60306": "https://github.com/golang/go/issues/60306",
                    "60305": "https://github.com/golang/go/issues/60305"
                }
            },
            "1.20.5": {
                "source": {
                    "60514": "https://github.com/golang/go/issues/60514",
                    "60512": "https://github.com/golang/go/issues/60512"
                }
            },
            "1.19.10": {
                "source": {
                    "60513": "https://github.com/golang/go/issues/60513",
                    "60511": "https://github.com/golang/go/issues/60511"
                }
            }
        }
    },
    "CVE-2023-29406": {
        "CVE-ID": "CVE-2023-29406",
        "NVD": {
            "Descriptions": "The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 6.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.19.11",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.20.0",
                    "VersionEndExcluding": "1.20.6",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.22": {
                "source": {
                    "61431": "https://github.com/golang/go/issues/61431"
                }
            },
            "1.21": {
                "source": {
                    "60374": "https://github.com/golang/go/issues/60374"
                }
            },
            "1.20.6": {
                "source": {
                    "61076": "https://github.com/golang/go/issues/61076"
                }
            },
            "1.19.11": {
                "source": {
                    "61075": "https://github.com/golang/go/issues/61075"
                }
            },
            "1.20.8": {
                "source": {
                    "61826": "https://github.com/golang/go/issues/61826"
                }
            },
            "1.19.13": {
                "source": {
                    "61825": "https://github.com/golang/go/issues/61825"
                }
            },
            "1.21.1": {
                "source": {
                    "61904": "https://github.com/golang/go/issues/61904"
                }
            }
        }
    },
    "CVE-2023-29409": {
        "CVE-ID": "CVE-2023-29409",
        "NVD": {
            "Descriptions": "Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 5.3,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go:1.21.0:rc3",
                    "FormattedString": "cpe:2.3:a:golang:go:1.21.0:rc3:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.21.0:rc2",
                    "FormattedString": "cpe:2.3:a:golang:go:1.21.0:rc2:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go:1.21.0:rc1",
                    "FormattedString": "cpe:2.3:a:golang:go:1.21.0:rc1:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.19.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.20.0",
                    "VersionEndExcluding": "1.20.7",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.21": {
                "source": {
                    "61460": "https://github.com/golang/go/issues/61460"
                }
            },
            "1.20.7": {
                "source": {
                    "61580": "https://github.com/golang/go/issues/61580"
                }
            },
            "1.19.12": {
                "source": {
                    "61579": "https://github.com/golang/go/issues/61579"
                }
            }
        }
    },
    "CVE-2023-39318": {
        "CVE-ID": "CVE-2023-39318",
        "NVD": {
            "Descriptions": "The html/template package does not properly handle HTML-like \"\" comment tokens, nor hashbang \"#!\" comment tokens, in <script> contexts. This may cause the template parser to improperly interpret the contents of <script> contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS attack.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 6.1,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.20.8",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.21.0",
                    "VersionEndExcluding": "1.21.1",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.22": {
                "source": {
                    "62196": "https://github.com/golang/go/issues/62196"
                }
            },
            "1.20.8": {
                "source": {
                    "62395": "https://github.com/golang/go/issues/62395"
                }
            },
            "1.21.1": {
                "source": {
                    "62396": "https://github.com/golang/go/issues/62396"
                }
            }
        }
    },
    "CVE-2023-39319": {
        "CVE-ID": "CVE-2023-39319",
        "NVD": {
            "Descriptions": "The html/template package does not apply the proper rules for handling occurrences of \"<script\", \"<!--\", and \"</script\" within JS literals in <script> contexts. This may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 6.1,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.20.8",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.21.0",
                    "VersionEndExcluding": "1.21.1",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.22": {
                "source": {
                    "62197": "https://github.com/golang/go/issues/62197"
                }
            },
            "1.20.8": {
                "source": {
                    "62397": "https://github.com/golang/go/issues/62397"
                }
            },
            "1.21.1": {
                "source": {
                    "62398": "https://github.com/golang/go/issues/62398"
                }
            }
        }
    },
    "CVE-2023-39320": {
        "CVE-ID": "CVE-2023-39320",
        "NVD": {
            "Descriptions": "The go.mod toolchain directive, introduced in Go 1.21, can be leveraged to execute scripts and binaries relative to the root of the module when the \"go\" command was executed within the module. This applies to modules downloaded using the \"go\" command from the module proxy, as well as modules downloaded directly using VCS software.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 9.8,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.21.0",
                    "VersionEndExcluding": "1.21.1",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.22": {
                "source": {
                    "62198": "https://github.com/golang/go/issues/62198"
                }
            },
            "1.20.8": {
                "source": {
                    "62393": "https://github.com/golang/go/issues/62393"
                }
            },
            "1.21.1": {
                "source": {
                    "62394": "https://github.com/golang/go/issues/62394"
                }
            }
        }
    },
    "CVE-2023-39321": {
        "CVE-ID": "CVE-2023-39321",
        "NVD": {
            "Descriptions": "Processing an incomplete post-handshake message for a QUIC connection can cause a panic.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.21.0",
                    "VersionEndExcluding": "1.21.1",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.22": {
                "source": {
                    "62266": "https://github.com/golang/go/issues/62266"
                }
            },
            "1.21.1": {
                "source": {
                    "62290": "https://github.com/golang/go/issues/62290"
                }
            }
        }
    },
    "CVE-2023-39322": {
        "CVE-ID": "CVE-2023-39322",
        "NVD": {
            "Descriptions": "QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With fix, connections now consistently reject messages larger than 65KiB in size.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.21.0",
                    "VersionEndExcluding": "1.21.1",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.22": {
                "source": {
                    "62266": "https://github.com/golang/go/issues/62266"
                }
            },
            "1.21.1": {
                "source": {
                    "62290": "https://github.com/golang/go/issues/62290"
                }
            }
        }
    },
    "CVE-2023-39323": {
        "CVE-ID": "CVE-2023-39323",
        "NVD": {
            "Descriptions": "Line directives (\"//line\") can be used to bypass the restrictions on \"//go:cgo_\" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running \"go build\". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 8.1,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:39",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:38",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:37",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.20.9",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.21.0",
                    "VersionEndExcluding": "1.21.2",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.22": {
                "source": {
                    "63211": "https://github.com/golang/go/issues/63211"
                }
            },
            "1.20.9": {
                "source": {
                    "63213": "https://github.com/golang/go/issues/63213"
                }
            },
            "1.21.2": {
                "source": {
                    "63214": "https://github.com/golang/go/issues/63214"
                }
            }
        }
    },
    "CVE-2023-39325": {
        "CVE-ID": "CVE-2023-39325",
        "NVD": {
            "Descriptions": "A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:39",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:38",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:37",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:astra_trident_autosupport:-",
                    "FormattedString": "cpe:2.3:a:netapp:astra_trident_autosupport:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:astra_trident:-",
                    "FormattedString": "cpe:2.3:a:netapp:astra_trident:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:http2:::~~~go~~",
                    "FormattedString": "cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "0.17.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.20.0",
                    "VersionEndExcluding": "1.20.10",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.21.0",
                    "VersionEndExcluding": "1.21.3",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.22": {
                "source": {
                    "63417": "https://github.com/golang/go/issues/63417"
                }
            },
            "1.21.3": {
                "source": {
                    "63427": "https://github.com/golang/go/issues/63427"
                }
            },
            "1.20.10": {
                "source": {
                    "63426": "https://github.com/golang/go/issues/63426"
                }
            },
            "Unreleased": {
                "source": {
                    "65407": "https://github.com/golang/go/issues/65407"
                }
            }
        }
    },
    "CVE-2023-39326": {
        "CVE-ID": "CVE-2023-39326",
        "NVD": {
            "Descriptions": "A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data (up to about 1GiB) when a handler fails to read the entire body of a request. Chunk extensions are a little-used HTTP feature which permit including additional metadata in a request or response body sent using the chunked encoding. The net/http chunked encoding reader discards this metadata. A sender can exploit this by inserting a large metadata segment with each byte transferred. The chunk reader now produces an error if the ratio of real body to encoded bytes grows too small.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 5.3,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.20.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.21.0-0",
                    "VersionEndExcluding": "1.21.5",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.22": {
                "source": {
                    "64433": "https://github.com/golang/go/issues/64433"
                }
            },
            "1.20.12": {
                "source": {
                    "64434": "https://github.com/golang/go/issues/64434"
                }
            },
            "1.21.5": {
                "source": {
                    "64435": "https://github.com/golang/go/issues/64435"
                }
            }
        }
    },
    "CVE-2023-44487": {
        "CVE-ID": "CVE-2023-44487",
        "NVD": {
            "Descriptions": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:redhat:enterprise_linux:9.0",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux:8.0",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux:6.0",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_server_2022:-",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_server_2019:-",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_server_2016:-",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_11_22h2",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "10.0.22621.2428",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_11_21h2",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "10.0.22000.2538",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_10_22h2",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "10.0.19045.3570",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_10_21h2",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "10.0.19044.3570",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_10_1809",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "10.0.17763.4974",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_10_1607:::~~~~x86~",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "10.0.14393.6351",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:microsoft:windows_10_1607:::~~~~x64~",
                    "FormattedString": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "10.0.14393.6351",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:38",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:37",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:12.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:11.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:10.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:cisco:secure_web_appliance_firmware",
                    "FormattedString": "cpe:2.3:o:cisco:secure_web_appliance_firmware:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "15.1.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:cisco:nx-os",
                    "FormattedString": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "10.2\\(7\\)",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:cisco:nx-os",
                    "FormattedString": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "10.2\\(7\\)",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:cisco:nx-os",
                    "FormattedString": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "10.3\\(1\\)",
                    "VersionEndExcluding": "10.3\\(5\\)",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:cisco:nx-os",
                    "FormattedString": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "10.3\\(1\\)",
                    "VersionEndExcluding": "10.3\\(5\\)",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:cisco:ios_xr",
                    "FormattedString": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "7.11.2",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:cisco:ios_xe",
                    "FormattedString": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "17.15.1",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:cisco:fog_director",
                    "FormattedString": "cpe:2.3:o:cisco:fog_director:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.22",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:varnish_cache_project:varnish_cache",
                    "FormattedString": "cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2023-10-10",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:traefik:traefik:3.0.0:beta3",
                    "FormattedString": "cpe:2.3:a:traefik:traefik:3.0.0:beta3:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:traefik:traefik:3.0.0:beta2",
                    "FormattedString": "cpe:2.3:a:traefik:traefik:3.0.0:beta2:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:traefik:traefik:3.0.0:beta1",
                    "FormattedString": "cpe:2.3:a:traefik:traefik:3.0.0:beta1:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:traefik:traefik",
                    "FormattedString": "cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2.10.5",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:web_terminal:-",
                    "FormattedString": "cpe:2.3:a:redhat:web_terminal:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:support_for_spring_boot:-",
                    "FormattedString": "cpe:2.3:a:redhat:support_for_spring_boot:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:single_sign-on:7.0",
                    "FormattedString": "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:service_telemetry_framework:1.5",
                    "FormattedString": "cpe:2.3:a:redhat:service_telemetry_framework:1.5:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:service_interconnect:1.0",
                    "FormattedString": "cpe:2.3:a:redhat:service_interconnect:1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:self_node_remediation_operator:-",
                    "FormattedString": "cpe:2.3:a:redhat:self_node_remediation_operator:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:satellite:6.0",
                    "FormattedString": "cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:run_once_duration_override_operator:-",
                    "FormattedString": "cpe:2.3:a:redhat:run_once_duration_override_operator:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:quay:3.0.0",
                    "FormattedString": "cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:process_automation:7.0",
                    "FormattedString": "cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openstack_platform:17.1",
                    "FormattedString": "cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openstack_platform:16.2",
                    "FormattedString": "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openstack_platform:16.1",
                    "FormattedString": "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_virtualization:4",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_service_mesh:2.0",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_service_mesh:2.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_serverless:-",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_secondary_scheduler_operator:-",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_secondary_scheduler_operator:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_sandboxed_containers:-",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_sandboxed_containers:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_pipelines:-",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_gitops:-",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_distributed_tracing:-",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_distributed_tracing:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_developer_tools_and_services:-",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_dev_spaces:-",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_data_science:-",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_data_science:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_container_platform_assisted_installer:-",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_container_platform_assisted_installer:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_container_platform:4.0",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_api_for_data_protection:-",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift:-::~~~aws~~",
                    "FormattedString": "cpe:2.3:a:redhat:openshift:-:*:*:*:*:aws:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:node_maintenance_operator:-",
                    "FormattedString": "cpe:2.3:a:redhat:node_maintenance_operator:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:node_healthcheck_operator:-",
                    "FormattedString": "cpe:2.3:a:redhat:node_healthcheck_operator:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:network_observability_operator:-",
                    "FormattedString": "cpe:2.3:a:redhat:network_observability_operator:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:migration_toolkit_for_virtualization:-",
                    "FormattedString": "cpe:2.3:a:redhat:migration_toolkit_for_virtualization:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:migration_toolkit_for_containers:-",
                    "FormattedString": "cpe:2.3:a:redhat:migration_toolkit_for_containers:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:migration_toolkit_for_applications:6.0",
                    "FormattedString": "cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:machine_deletion_remediation_operator:-",
                    "FormattedString": "cpe:2.3:a:redhat:machine_deletion_remediation_operator:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:logging_subsystem_for_red_hat_openshift:-",
                    "FormattedString": "cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:jboss_fuse:7.0.0",
                    "FormattedString": "cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:jboss_fuse:6.0.0",
                    "FormattedString": "cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:jboss_enterprise_application_platform:7.0.0",
                    "FormattedString": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:jboss_enterprise_application_platform:6.0.0",
                    "FormattedString": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:jboss_data_grid:7.0.0",
                    "FormattedString": "cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:jboss_core_services:-",
                    "FormattedString": "cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:jboss_a-mq_streams:-",
                    "FormattedString": "cpe:2.3:a:redhat:jboss_a-mq_streams:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:jboss_a-mq:7",
                    "FormattedString": "cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:integration_service_registry:-",
                    "FormattedString": "cpe:2.3:a:redhat:integration_service_registry:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:integration_camel_k:-",
                    "FormattedString": "cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:integration_camel_for_spring_boot:-",
                    "FormattedString": "cpe:2.3:a:redhat:integration_camel_for_spring_boot:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:fence_agents_remediation_operator:-",
                    "FormattedString": "cpe:2.3:a:redhat:fence_agents_remediation_operator:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:decision_manager:7.0",
                    "FormattedString": "cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:cryostat:2.0",
                    "FormattedString": "cpe:2.3:a:redhat:cryostat:2.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:cost_management:-",
                    "FormattedString": "cpe:2.3:a:redhat:cost_management:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:certification_for_red_hat_enterprise_linux:9.0",
                    "FormattedString": "cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:certification_for_red_hat_enterprise_linux:8.0",
                    "FormattedString": "cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:8.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:cert-manager_operator_for_red_hat_openshift:-",
                    "FormattedString": "cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:ceph_storage:5.0",
                    "FormattedString": "cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:build_of_quarkus:-",
                    "FormattedString": "cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:build_of_optaplanner:8.0",
                    "FormattedString": "cpe:2.3:a:redhat:build_of_optaplanner:8.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:ansible_automation_platform:2.0",
                    "FormattedString": "cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:advanced_cluster_security:4.0",
                    "FormattedString": "cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:advanced_cluster_security:3.0",
                    "FormattedString": "cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:advanced_cluster_management_for_kubernetes:2.0",
                    "FormattedString": "cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:3scale_api_management_platform:2.0",
                    "FormattedString": "cpe:2.3:a:redhat:3scale_api_management_platform:2.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:projectcontour:contour:::~~~kubernetes~~",
                    "FormattedString": "cpe:2.3:a:projectcontour:contour:*:*:*:*:*:kubernetes:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2023-10-11",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:openresty:openresty",
                    "FormattedString": "cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.21.4.3",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:nodejs:node.js:::~~lts~~~",
                    "FormattedString": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "18.0.0",
                    "VersionEndExcluding": "18.18.2",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:nodejs:node.js",
                    "FormattedString": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "20.0.0",
                    "VersionEndExcluding": "20.8.1",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:nghttp2:nghttp2",
                    "FormattedString": "cpe:2.3:a:nghttp2:nghttp2:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.57.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netty:netty",
                    "FormattedString": "cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "4.1.100",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:oncommand_insight:-",
                    "FormattedString": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:astra_control_center:-",
                    "FormattedString": "cpe:2.3:a:netapp:astra_control_center:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:microsoft:visual_studio_2022",
                    "FormattedString": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "17.0",
                    "VersionEndExcluding": "17.2.20",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:microsoft:visual_studio_2022",
                    "FormattedString": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "17.4",
                    "VersionEndExcluding": "17.4.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:microsoft:visual_studio_2022",
                    "FormattedString": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "17.6",
                    "VersionEndExcluding": "17.6.8",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:microsoft:visual_studio_2022",
                    "FormattedString": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "17.7",
                    "VersionEndExcluding": "17.7.5",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:microsoft:cbl-mariner",
                    "FormattedString": "cpe:2.3:a:microsoft:cbl-mariner:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2023-10-11",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:microsoft:azure_kubernetes_service",
                    "FormattedString": "cpe:2.3:a:microsoft:azure_kubernetes_service:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2023-10-08",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:microsoft:asp.net_core",
                    "FormattedString": "cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "6.0.0",
                    "VersionEndExcluding": "6.0.23",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:microsoft:asp.net_core",
                    "FormattedString": "cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "7.0.0",
                    "VersionEndExcluding": "7.0.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:microsoft:.net",
                    "FormattedString": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "6.0.0",
                    "VersionEndExcluding": "6.0.23",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:microsoft:.net",
                    "FormattedString": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "7.0.0",
                    "VersionEndExcluding": "7.0.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:linkerd:linkerd:::~~stable~kubernetes~~",
                    "FormattedString": "cpe:2.3:a:linkerd:linkerd:*:*:*:*:stable:kubernetes:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "2.12.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "2.12.5"
                },
                {
                    "URI": "cpe:/a:linkerd:linkerd:2.14.1::~~stable~kubernetes~~",
                    "FormattedString": "cpe:2.3:a:linkerd:linkerd:2.14.1:*:*:*:stable:kubernetes:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:linkerd:linkerd:2.14.0::~~stable~kubernetes~~",
                    "FormattedString": "cpe:2.3:a:linkerd:linkerd:2.14.0:*:*:*:stable:kubernetes:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:linkerd:linkerd:2.13.1::~~stable~kubernetes~~",
                    "FormattedString": "cpe:2.3:a:linkerd:linkerd:2.13.1:*:*:*:stable:kubernetes:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:linkerd:linkerd:2.13.0::~~stable~kubernetes~~",
                    "FormattedString": "cpe:2.3:a:linkerd:linkerd:2.13.0:*:*:*:stable:kubernetes:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:linecorp:armeria",
                    "FormattedString": "cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.26.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:konghq:kong_gateway:::~~enterprise~~~",
                    "FormattedString": "cpe:2.3:a:konghq:kong_gateway:*:*:*:*:enterprise:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "3.4.2",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:kazu-yamamoto:http2",
                    "FormattedString": "cpe:2.3:a:kazu-yamamoto:http2:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "4.2.2",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:jenkins:jenkins:::~~lts~~~",
                    "FormattedString": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "2.414.2"
                },
                {
                    "URI": "cpe:/a:jenkins:jenkins:::~~-~~~",
                    "FormattedString": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "2.427"
                },
                {
                    "URI": "cpe:/a:istio:istio",
                    "FormattedString": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.17.6",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:istio:istio",
                    "FormattedString": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.18.0",
                    "VersionEndExcluding": "1.18.3",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:istio:istio",
                    "FormattedString": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.19.0",
                    "VersionEndExcluding": "1.19.1",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:ietf:http:2.0",
                    "FormattedString": "cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:grpc:grpc:::~~~go~~",
                    "FormattedString": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.56.3",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:grpc:grpc:::~~~go~~",
                    "FormattedString": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.58.0",
                    "VersionEndExcluding": "1.58.3",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:grpc:grpc:::~~~-~~",
                    "FormattedString": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "1.59.2"
                },
                {
                    "URI": "cpe:/a:grpc:grpc:1.57.0:-:~~~go~~",
                    "FormattedString": "cpe:2.3:a:grpc:grpc:1.57.0:-:*:*:*:go:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:networking:::~~~go~~",
                    "FormattedString": "cpe:2.3:a:golang:networking:*:*:*:*:*:go:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "0.17.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:http2:::~~~go~~",
                    "FormattedString": "cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "0.17.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.20.10",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.21.0",
                    "VersionEndExcluding": "1.21.3",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:facebook:proxygen",
                    "FormattedString": "cpe:2.3:a:facebook:proxygen:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2023.10.16.00",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:nginx_plus:r30:-",
                    "FormattedString": "cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:nginx_plus:r29:-",
                    "FormattedString": "cpe:2.3:a:f5:nginx_plus:r29:-:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:nginx_plus",
                    "FormattedString": "cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "r25",
                    "VersionEndExcluding": "r29",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:nginx_ingress_controller",
                    "FormattedString": "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "2.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "2.4.2"
                },
                {
                    "URI": "cpe:/a:f5:nginx_ingress_controller",
                    "FormattedString": "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "3.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "3.3.0"
                },
                {
                    "URI": "cpe:/a:f5:nginx",
                    "FormattedString": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.9.5",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "1.25.2"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_websafe:17.1.0",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_websafe:17.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_websafe",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "13.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "13.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_websafe",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "14.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_websafe",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "15.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "15.1.10"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_websafe",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "16.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "16.1.4"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_webaccelerator:17.1.0",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_webaccelerator:17.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_webaccelerator",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "13.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "13.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_webaccelerator",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "14.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_webaccelerator",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "15.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "15.1.10"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_webaccelerator",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "16.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "16.1.4"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_ssl_orchestrator:17.1.0",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:17.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_ssl_orchestrator",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "13.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "13.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_ssl_orchestrator",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "14.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_ssl_orchestrator",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "15.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "15.1.10"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_ssl_orchestrator",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "16.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "16.1.4"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_policy_enforcement_manager:17.1.0",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_policy_enforcement_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "13.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "13.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_policy_enforcement_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "14.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_policy_enforcement_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "15.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "15.1.10"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_policy_enforcement_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "16.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "16.1.4"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_next_service_proxy_for_kubernetes",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.5.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "1.8.2"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_next:20.0.1",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_next:20.0.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_local_traffic_manager:17.1.0",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_local_traffic_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "13.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "13.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_local_traffic_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "14.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_local_traffic_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "15.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "15.1.10"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_local_traffic_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "16.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "16.1.4"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_link_controller:17.1.0",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_link_controller:17.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_link_controller",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "13.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "13.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_link_controller",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "14.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_link_controller",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "15.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "15.1.10"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_link_controller",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "16.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "16.1.4"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_global_traffic_manager:17.1.0",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_global_traffic_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "13.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "13.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_global_traffic_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "14.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_global_traffic_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "15.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "15.1.10"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_global_traffic_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "16.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "16.1.4"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_fraud_protection_service:17.1.0",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_fraud_protection_service",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "13.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "13.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_fraud_protection_service",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "14.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_fraud_protection_service",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "15.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "15.1.10"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_fraud_protection_service",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "16.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "16.1.4"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_domain_name_system:17.1.0",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_domain_name_system",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "13.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "13.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_domain_name_system",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "14.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_domain_name_system",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "15.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "15.1.10"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_domain_name_system",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "16.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "16.1.4"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_ddos_hybrid_defender:17.1.0",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:17.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_ddos_hybrid_defender",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "13.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "13.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_ddos_hybrid_defender",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "14.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_ddos_hybrid_defender",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "15.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "15.1.10"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_ddos_hybrid_defender",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "16.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "16.1.4"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_carrier-grade_nat:17.1.0",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:17.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_carrier-grade_nat",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "13.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "13.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_carrier-grade_nat",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "14.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_carrier-grade_nat",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "15.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "15.1.10"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_carrier-grade_nat",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "16.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "16.1.4"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_application_visibility_and_reporting:17.1.0",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:17.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_application_visibility_and_reporting",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "13.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "13.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_application_visibility_and_reporting",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "14.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_application_visibility_and_reporting",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "15.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "15.1.10"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_application_visibility_and_reporting",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "16.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "16.1.4"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_application_security_manager:17.1.0",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_application_security_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "13.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "13.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_application_security_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "14.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_application_security_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "15.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "15.1.10"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_application_security_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "16.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "16.1.4"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_application_acceleration_manager:17.1.0",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_application_acceleration_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "13.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "13.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_application_acceleration_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "14.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_application_acceleration_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "15.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "15.1.10"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_application_acceleration_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "16.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "16.1.4"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_analytics:17.1.0",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_analytics",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "13.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "13.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_analytics",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "14.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_analytics",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "15.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "15.1.10"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_analytics",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "16.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "16.1.4"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_advanced_web_application_firewall:17.1.0",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_advanced_web_application_firewall",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "13.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "13.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_advanced_web_application_firewall",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "14.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_advanced_web_application_firewall",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "15.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "15.1.10"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_advanced_web_application_firewall",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "16.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "16.1.4"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_advanced_firewall_manager:17.1.0",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_advanced_firewall_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "13.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "13.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_advanced_firewall_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "14.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_advanced_firewall_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "15.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "15.1.10"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_advanced_firewall_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "16.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "16.1.4"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_access_policy_manager:17.1.0",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_access_policy_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "13.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "13.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_access_policy_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "14.1.5"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_access_policy_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "15.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "15.1.10"
                },
                {
                    "URI": "cpe:/a:f5:big-ip_access_policy_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "16.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "16.1.4"
                },
                {
                    "URI": "cpe:/a:envoyproxy:envoy:1.27.0",
                    "FormattedString": "cpe:2.3:a:envoyproxy:envoy:1.27.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:envoyproxy:envoy:1.26.4",
                    "FormattedString": "cpe:2.3:a:envoyproxy:envoy:1.26.4:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:envoyproxy:envoy:1.25.9",
                    "FormattedString": "cpe:2.3:a:envoyproxy:envoy:1.25.9:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:envoyproxy:envoy:1.24.10",
                    "FormattedString": "cpe:2.3:a:envoyproxy:envoy:1.24.10:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:eclipse:jetty",
                    "FormattedString": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "9.4.53",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:eclipse:jetty",
                    "FormattedString": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "10.0.0",
                    "VersionEndExcluding": "10.0.17",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:eclipse:jetty",
                    "FormattedString": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "11.0.0",
                    "VersionEndExcluding": "11.0.17",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:eclipse:jetty",
                    "FormattedString": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "12.0.0",
                    "VersionEndExcluding": "12.0.2",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:dena:h2o",
                    "FormattedString": "cpe:2.3:a:dena:h2o:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2023-10-10",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:unified_contact_center_management_portal:-",
                    "FormattedString": "cpe:2.3:a:cisco:unified_contact_center_management_portal:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:unified_contact_center_enterprise_-_live_data_server",
                    "FormattedString": "cpe:2.3:a:cisco:unified_contact_center_enterprise_-_live_data_server:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "12.6.2",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:unified_contact_center_enterprise:-",
                    "FormattedString": "cpe:2.3:a:cisco:unified_contact_center_enterprise:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:unified_contact_center_domain_manager:-",
                    "FormattedString": "cpe:2.3:a:cisco:unified_contact_center_domain_manager:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:unified_attendant_console_advanced:-",
                    "FormattedString": "cpe:2.3:a:cisco:unified_attendant_console_advanced:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:ultra_cloud_core_-_session_management_function",
                    "FormattedString": "cpe:2.3:a:cisco:ultra_cloud_core_-_session_management_function:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2024.02.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:ultra_cloud_core_-_serving_gateway_function",
                    "FormattedString": "cpe:2.3:a:cisco:ultra_cloud_core_-_serving_gateway_function:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2024.02.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0",
                    "FormattedString": "cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:ultra_cloud_core_-_policy_control_function",
                    "FormattedString": "cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2024.01.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:telepresence_video_communication_server",
                    "FormattedString": "cpe:2.3:a:cisco:telepresence_video_communication_server:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "x14.3.3",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:secure_malware_analytics",
                    "FormattedString": "cpe:2.3:a:cisco:secure_malware_analytics:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2.19.2",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:secure_dynamic_attributes_connector",
                    "FormattedString": "cpe:2.3:a:cisco:secure_dynamic_attributes_connector:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2.2.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:prime_network_registrar",
                    "FormattedString": "cpe:2.3:a:cisco:prime_network_registrar:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "11.2",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:prime_infrastructure",
                    "FormattedString": "cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "3.10.4",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:prime_cable_provisioning",
                    "FormattedString": "cpe:2.3:a:cisco:prime_cable_provisioning:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "7.2.1",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:prime_access_registrar",
                    "FormattedString": "cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "9.3.3",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:iot_field_network_director",
                    "FormattedString": "cpe:2.3:a:cisco:iot_field_network_director:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "4.11.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:firepower_threat_defense",
                    "FormattedString": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "7.4.2",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:expressway",
                    "FormattedString": "cpe:2.3:a:cisco:expressway:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "x14.3.3",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:enterprise_chat_and_email:-",
                    "FormattedString": "cpe:2.3:a:cisco:enterprise_chat_and_email:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:data_center_network_manager:-",
                    "FormattedString": "cpe:2.3:a:cisco:data_center_network_manager:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:crosswork_zero_touch_provisioning",
                    "FormattedString": "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "6.0.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:crosswork_data_gateway:5.0",
                    "FormattedString": "cpe:2.3:a:cisco:crosswork_data_gateway:5.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:crosswork_data_gateway",
                    "FormattedString": "cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "4.1.3",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:cisco:connected_mobile_experiences",
                    "FormattedString": "cpe:2.3:a:cisco:connected_mobile_experiences:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "11.1",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:caddyserver:caddy",
                    "FormattedString": "cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2.7.5",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:apple:swiftnio_http%2f2:::~~~swift~~",
                    "FormattedString": "cpe:2.3:a:apple:swiftnio_http\\/2:*:*:*:*:*:swift:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.28.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:apache:traffic_server",
                    "FormattedString": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.0",
                    "VersionEndExcluding": "8.1.9",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:apache:traffic_server",
                    "FormattedString": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "9.0.0",
                    "VersionEndExcluding": "9.2.3",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:apache:tomcat:11.0.0:milestone9",
                    "FormattedString": "cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:apache:tomcat:11.0.0:milestone8",
                    "FormattedString": "cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:apache:tomcat:11.0.0:milestone7",
                    "FormattedString": "cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:apache:tomcat:11.0.0:milestone6",
                    "FormattedString": "cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:apache:tomcat:11.0.0:milestone5",
                    "FormattedString": "cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:apache:tomcat:11.0.0:milestone4",
                    "FormattedString": "cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:apache:tomcat:11.0.0:milestone3",
                    "FormattedString": "cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:apache:tomcat:11.0.0:milestone2",
                    "FormattedString": "cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:apache:tomcat:11.0.0:milestone11",
                    "FormattedString": "cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:apache:tomcat:11.0.0:milestone10",
                    "FormattedString": "cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:apache:tomcat:11.0.0:milestone1",
                    "FormattedString": "cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:apache:tomcat",
                    "FormattedString": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "10.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "10.1.13"
                },
                {
                    "URI": "cpe:/a:apache:tomcat",
                    "FormattedString": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.5.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.5.93"
                },
                {
                    "URI": "cpe:/a:apache:tomcat",
                    "FormattedString": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "9.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "9.0.80"
                },
                {
                    "URI": "cpe:/a:apache:solr",
                    "FormattedString": "cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "9.4.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:apache:apisix",
                    "FormattedString": "cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "3.6.1",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:amazon:opensearch_data_prepper",
                    "FormattedString": "cpe:2.3:a:amazon:opensearch_data_prepper:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2.5.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:akka:http_server",
                    "FormattedString": "cpe:2.3:a:akka:http_server:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "10.5.3",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.22": {
                "source": {
                    "63417": "https://github.com/golang/go/issues/63417"
                }
            },
            "Unreleased": {
                "source": {
                    "63805": "https://github.com/golang/go/issues/63805"
                }
            }
        }
    },
    "CVE-2023-45283": {
        "CVE-ID": "CVE-2023-45283",
        "NVD": {
            "Descriptions": "The filepath package does not recognize paths with a \\??\\ prefix as special. On Windows, a path beginning with \\??\\ is a Root Local Device path equivalent to a path beginning with \\\\?\\. Paths with a \\??\\ prefix may be used to access arbitrary locations on the system. For example, the path \\??\\c:\\x is equivalent to the more common path c:\\x. Before fix, Clean could convert a rooted path such as \\a\\..\\??\\b into the root local device path \\??\\b. Clean will now convert this to .\\??\\b. Similarly, Join(\\, ??, b) could convert a seemingly innocent sequence of path elements into the root local device path \\??\\b. Join will now convert this to \\.\\??\\b. In addition, with fix, IsAbs now correctly reports paths beginning with \\??\\ as absolute, and VolumeName correctly reports the \\??\\ prefix as a volume name. UPDATE: Go 1.20.11 and Go 1.21.4 inadvertently changed the definition of the volume name in Windows paths starting with \\?, resulting in filepath.Clean(\\?\\c:) returning \\?\\c: rather than \\?\\c:\\ (among other effects). The previous behavior has been restored.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.20.11",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.21.0-0",
                    "VersionEndExcluding": "1.21.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.22": {
                "source": {
                    "63713": "https://github.com/golang/go/issues/63713",
                    "64028": "https://github.com/golang/go/issues/64028"
                }
            },
            "1.21.4": {
                "source": {
                    "63715": "https://github.com/golang/go/issues/63715"
                }
            },
            "1.20.11": {
                "source": {
                    "63714": "https://github.com/golang/go/issues/63714"
                }
            },
            "1.20.12": {
                "source": {
                    "64040": "https://github.com/golang/go/issues/64040"
                }
            },
            "1.21.5": {
                "source": {
                    "64041": "https://github.com/golang/go/issues/64041"
                }
            }
        }
    },
    "CVE-2023-45284": {
        "CVE-ID": "CVE-2023-45284",
        "NVD": {
            "Descriptions": "On Windows, The IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces, such as \"COM1 \", and reserved names \"COM\" and \"LPT\" followed by superscript 1, 2, or 3, are incorrectly reported as local. With fix, IsLocal now correctly reports these names as non-local.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 5.3,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.20.11",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.21.0-0",
                    "VersionEndExcluding": "1.21.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.22": {
                "source": {
                    "63713": "https://github.com/golang/go/issues/63713"
                }
            },
            "1.21.4": {
                "source": {
                    "63715": "https://github.com/golang/go/issues/63715"
                }
            },
            "1.20.11": {
                "source": {
                    "63714": "https://github.com/golang/go/issues/63714"
                }
            }
        }
    },
    "CVE-2023-45285": {
        "CVE-ID": "CVE-2023-45285",
        "NVD": {
            "Descriptions": "Using go get to fetch a module with the \".git\" suffix may unexpectedly fallback to the insecure \"git://\" protocol if the module is unavailable via the secure \"https://\" and \"git+ssh://\" protocols, even if GOINSECURE is not set for said module. This only affects users who are not using the module proxy and are fetching modules directly (i.e. GOPROXY=off).",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.20.12",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.21.0-0",
                    "VersionEndExcluding": "1.21.5",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.22": {
                "source": {
                    "63845": "https://github.com/golang/go/issues/63845"
                }
            },
            "1.20.12": {
                "source": {
                    "63972": "https://github.com/golang/go/issues/63972"
                }
            },
            "1.21.5": {
                "source": {
                    "63973": "https://github.com/golang/go/issues/63973"
                }
            }
        }
    },
    "CVE-2023-45287": {
        "CVE-ID": "CVE-2023-45287",
        "NVD": {
            "Descriptions": "Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant time. RSA blinding was applied to prevent timing attacks, but analysis shows this may not have been fully effective. In particular it appears as if the removal of PKCS#1 padding may leak timing information, which in turn could be used to recover session key bits. In Go 1.20, the crypto/tls library switched to a fully constant time RSA implementation, which we do not believe exhibits any timing side channels.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.20.0",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "Proposal": {
                "source": {
                    "20654": "https://github.com/golang/go/issues/20654"
                }
            }
        }
    },
    "CVE-2024-24789": {
        "CVE-ID": "CVE-2024-24789",
        "NVD": {
            "Descriptions": "The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 5.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.21.11",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.22.0",
                    "VersionEndExcluding": "1.22.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.21.11": {
                "source": {
                    "67553": "https://github.com/golang/go/issues/67553"
                }
            },
            "1.22.4": {
                "source": {
                    "67554": "https://github.com/golang/go/issues/67554"
                }
            },
            "1.23": {
                "source": {
                    "66869": "https://github.com/golang/go/issues/66869"
                }
            }
        }
    },
    "CVE-2024-24790": {
        "CVE-ID": "CVE-2024-24790",
        "NVD": {
            "Descriptions": "The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 9.8,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.21.11",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:go",
                    "FormattedString": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.22.0",
                    "VersionEndExcluding": "1.22.4",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.23": {
                "source": {
                    "67680": "https://github.com/golang/go/issues/67680"
                }
            },
            "1.21.11": {
                "source": {
                    "67681": "https://github.com/golang/go/issues/67681"
                }
            },
            "1.22.4": {
                "source": {
                    "67682": "https://github.com/golang/go/issues/67682"
                }
            }
        }
    },
    "CVE-2024-24787": {
        "CVE-ID": "CVE-2024-24787",
        "NVD": {
            "Descriptions": "On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a \"#cgo LDFLAGS\" directive.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 6.4,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": []
        },
        "Official": {
            "1.23": {
                "source": {
                    "67119": "https://github.com/golang/go/issues/67119"
                }
            },
            "1.21.10": {
                "source": {
                    "67121": "https://github.com/golang/go/issues/67121"
                }
            },
            "1.22.3": {
                "source": {
                    "67122": "https://github.com/golang/go/issues/67122"
                }
            }
        }
    },
    "CVE-2023-45288": {
        "CVE-ID": "CVE-2023-45288",
        "NVD": {
            "Descriptions": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": []
        },
        "Official": {
            "1.23": {
                "source": {
                    "66297": "https://github.com/golang/go/issues/66297",
                    "65051": "https://github.com/golang/go/issues/65051"
                }
            },
            "1.20.15": {
                "source": {
                    "65386": "https://github.com/golang/go/issues/65386"
                }
            },
            "1.21.9": {
                "source": {
                    "65387": "https://github.com/golang/go/issues/65387"
                }
            },
            "1.22.2": {
                "source": {
                    "66298": "https://github.com/golang/go/issues/66298"
                }
            }
        }
    },
    "CVE-2024-24783": {
        "CVE-ID": "CVE-2024-24783",
        "NVD": {
            "Descriptions": "Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 5.9,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "CPEs": []
        },
        "Official": {
            "1.23": {
                "source": {
                    "65390": "https://github.com/golang/go/issues/65390"
                }
            },
            "1.21.8": {
                "source": {
                    "65392": "https://github.com/golang/go/issues/65392"
                }
            },
            "1.20.15": {
                "source": {
                    "65391": "https://github.com/golang/go/issues/65391"
                }
            },
            "1.22.1": {
                "source": {
                    "65831": "https://github.com/golang/go/issues/65831"
                }
            }
        }
    },
    "CVE-2023-45290": {
        "CVE-ID": "CVE-2023-45290",
        "NVD": {
            "Descriptions": "When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 6.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": []
        },
        "Official": {
            "1.23": {
                "source": {
                    "65383": "https://github.com/golang/go/issues/65383"
                }
            },
            "1.21.8": {
                "source": {
                    "65389": "https://github.com/golang/go/issues/65389"
                }
            },
            "1.20.15": {
                "source": {
                    "65388": "https://github.com/golang/go/issues/65388"
                }
            },
            "1.22.1": {
                "source": {
                    "65850": "https://github.com/golang/go/issues/65850"
                }
            }
        }
    },
    "CVE-2023-45289": {
        "CVE-ID": "CVE-2023-45289",
        "NVD": {
            "Descriptions": "When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 4.3,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "CPEs": []
        },
        "Official": {
            "1.23": {
                "source": {
                    "65065": "https://github.com/golang/go/issues/65065"
                }
            },
            "1.21.8": {
                "source": {
                    "65385": "https://github.com/golang/go/issues/65385"
                }
            },
            "1.20.15": {
                "source": {
                    "65384": "https://github.com/golang/go/issues/65384"
                }
            },
            "1.22.1": {
                "source": {
                    "65859": "https://github.com/golang/go/issues/65859"
                }
            }
        }
    },
    "CVE-2023-24531": {
        "CVE-ID": "CVE-2023-24531",
        "NVD": {
            "Descriptions": "Command go env is documented as outputting a shell script containing the Go environment. However, go env doesn't sanitize values, so executing its output as a shell script can cause various bad bahaviors, including executing arbitrary commands or inserting new environment variables. This issue is relatively minor because, in general, if an attacker can set arbitrary environment variables on a system, they have better attack vectors than making \"go env\" print them out.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 9.8,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "CPEs": []
        },
        "Official": {
            "1.21": {
                "source": {
                    "58508": "https://github.com/golang/go/issues/58508"
                }
            }
        }
    },
    "CVE-2022-41727": {
        "CVE-ID": "CVE-2022-41727",
        "NVD": {
            "Descriptions": "An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 5.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:38",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:37",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:tiff:-::~~~go~~",
                    "FormattedString": "cpe:2.3:a:golang:tiff:-:*:*:*:*:go:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:image:::~~~go~~",
                    "FormattedString": "cpe:2.3:a:golang:image:*:*:*:*:*:go:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "0.5.0",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "1.19.6": {
                "source": {
                    "58403": "https://github.com/golang/go/issues/58403"
                }
            },
            "1.20.1": {
                "source": {
                    "58404": "https://github.com/golang/go/issues/58404"
                }
            },
            "Unreleased": {
                "source": {
                    "58003": "https://github.com/golang/go/issues/58003"
                }
            }
        }
    },
    "CVE-2023-39324": {
        "CVE-ID": "CVE-2023-39324",
        "Official": {
            "1.22": {
                "source": {
                    "63212": "https://github.com/golang/go/issues/63212"
                }
            },
            "1.20.12": {
                "source": {
                    "63215": "https://github.com/golang/go/issues/63215"
                }
            },
            "1.21.5": {
                "source": {
                    "63216": "https://github.com/golang/go/issues/63216"
                }
            }
        }
    },
    "CVE-2024-34158": {
        "CVE-ID": "CVE-2024-34158",
        "NVD": {
            "Descriptions": "Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": []
        },
        "Official": {
            "1.24": {
                "source": {
                    "69141": "https://github.com/golang/go/issues/69141"
                }
            },
            "1.22.7": {
                "source": {
                    "69148": "https://github.com/golang/go/issues/69148"
                }
            },
            "1.23.1": {
                "source": {
                    "69149": "https://github.com/golang/go/issues/69149"
                }
            }
        }
    },
    "CVE-2024-34157": {
        "CVE-ID": "CVE-2024-34157",
        "Official": {
            "1.24": {
                "source": {
                    "69140": "https://github.com/golang/go/issues/69140"
                }
            },
            "1.22.7": {
                "source": {
                    "69146": "https://github.com/golang/go/issues/69146"
                }
            },
            "1.23.1": {
                "source": {
                    "69147": "https://github.com/golang/go/issues/69147"
                }
            }
        }
    },
    "CVE-2024-34156": {
        "CVE-ID": "CVE-2024-34156",
        "NVD": {
            "Descriptions": "Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": []
        },
        "Official": {
            "1.24": {
                "source": {
                    "69139": "https://github.com/golang/go/issues/69139"
                }
            },
            "1.22.7": {
                "source": {
                    "69144": "https://github.com/golang/go/issues/69144"
                }
            },
            "1.23.1": {
                "source": {
                    "69145": "https://github.com/golang/go/issues/69145"
                }
            },
            "1.19": {
                "source": {
                    "53615": "https://github.com/golang/go/issues/53615"
                }
            },
            "1.17.12": {
                "source": {
                    "53709": "https://github.com/golang/go/issues/53709"
                }
            },
            "1.18.4": {
                "source": {
                    "53710": "https://github.com/golang/go/issues/53710"
                }
            }
        }
    },
    "CVE-2024-34155": {
        "CVE-ID": "CVE-2024-34155",
        "NVD": {
            "Descriptions": "Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 4.3,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "CPEs": []
        },
        "Official": {
            "1.24": {
                "source": {
                    "69138": "https://github.com/golang/go/issues/69138"
                }
            },
            "1.22.7": {
                "source": {
                    "69142": "https://github.com/golang/go/issues/69142"
                }
            },
            "1.23.1": {
                "source": {
                    "69143": "https://github.com/golang/go/issues/69143"
                }
            },
            "1.19": {
                "source": {
                    "53616": "https://github.com/golang/go/issues/53616"
                }
            },
            "1.17.12": {
                "source": {
                    "53707": "https://github.com/golang/go/issues/53707"
                }
            },
            "1.18.4": {
                "source": {
                    "53708": "https://github.com/golang/go/issues/53708"
                }
            }
        }
    },
    "CVE-2024-34154": {
        "CVE-ID": "CVE-2024-34154",
        "Official": {
            "1.24": {
                "source": {
                    "68654": "https://github.com/golang/go/issues/68654"
                }
            },
            "1.22.7": {
                "source": {
                    "68657": "https://github.com/golang/go/issues/68657"
                }
            },
            "1.23.1": {
                "source": {
                    "68656": "https://github.com/golang/go/issues/68656"
                }
            }
        }
    },
    "CVE-2024-8244": {
        "CVE-ID": "CVE-2024-8244",
        "Official": {
            "NOT_IN_MILESTONE": {
                "source": {
                    "70007": "https://github.com/golang/go/issues/70007"
                }
            }
        }
    },
    "CVE-2023-48795": {
        "CVE-ID": "CVE-2023-48795",
        "NVD": {
            "Descriptions": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 5.9,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/o:thorntech:sftp_gateway_firmware",
                    "FormattedString": "cpe:2.3:o:thorntech:sftp_gateway_firmware:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "3.4.6",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux:9.0",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux:8.0",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:lancom-systems:lcos_sx:5.20",
                    "FormattedString": "cpe:2.3:o:lancom-systems:lcos_sx:5.20:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:lancom-systems:lcos_sx:4.20",
                    "FormattedString": "cpe:2.3:o:lancom-systems:lcos_sx:4.20:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:lancom-systems:lcos_lx:-",
                    "FormattedString": "cpe:2.3:o:lancom-systems:lcos_lx:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:lancom-systems:lcos_fx:-",
                    "FormattedString": "cpe:2.3:o:lancom-systems:lcos_fx:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:lancom-systems:lcos",
                    "FormattedString": "cpe:2.3:o:lancom-systems:lcos:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "3.66.4"
                },
                {
                    "URI": "cpe:/o:lancom-systems:lanconfig:-",
                    "FormattedString": "cpe:2.3:o:lancom-systems:lanconfig:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:freebsd:freebsd",
                    "FormattedString": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "12.4"
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:39",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:38",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:10.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:apple:macos",
                    "FormattedString": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.0",
                    "VersionEndExcluding": "14.4",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:winscp:winscp",
                    "FormattedString": "cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "6.2.2",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:vandyke:securecrt",
                    "FormattedString": "cpe:2.3:a:vandyke:securecrt:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "9.4.3",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:trilead:ssh2:6401",
                    "FormattedString": "cpe:2.3:a:trilead:ssh2:6401:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:tinyssh:tinyssh",
                    "FormattedString": "cpe:2.3:a:tinyssh:tinyssh:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "20230101"
                },
                {
                    "URI": "cpe:/a:tera_term_project:tera_term",
                    "FormattedString": "cpe:2.3:a:tera_term_project:tera_term:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "5.1"
                },
                {
                    "URI": "cpe:/a:ssh:ssh",
                    "FormattedString": "cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "5.11",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:ssh2_project:ssh2:::~~~node.js~~",
                    "FormattedString": "cpe:2.3:a:ssh2_project:ssh2:*:*:*:*:*:node.js:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "1.11.0"
                },
                {
                    "URI": "cpe:/a:sftpgo_project:sftpgo",
                    "FormattedString": "cpe:2.3:a:sftpgo_project:sftpgo:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2.5.6",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:russh_project:russh:::~~~rust~~",
                    "FormattedString": "cpe:2.3:a:russh_project:russh:*:*:*:*:*:rust:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "0.40.2",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:roumenpetrov:pkixssh",
                    "FormattedString": "cpe:2.3:a:roumenpetrov:pkixssh:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "14.4",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:storage:3.0",
                    "FormattedString": "cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:single_sign-on:7.0",
                    "FormattedString": "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openstack_platform:17.1",
                    "FormattedString": "cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openstack_platform:16.2",
                    "FormattedString": "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openstack_platform:16.1",
                    "FormattedString": "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_virtualization:4",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_serverless:-",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_pipelines:-",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_gitops:-",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_developer_tools_and_services:-",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_dev_spaces:-",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_data_foundation:4.0",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_data_foundation:4.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_container_platform:4.0",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_api_for_data_protection:-",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:keycloak:-",
                    "FormattedString": "cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:jboss_enterprise_application_platform:7.0",
                    "FormattedString": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:discovery:-",
                    "FormattedString": "cpe:2.3:a:redhat:discovery:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:cert-manager_operator_for_red_hat_openshift:-",
                    "FormattedString": "cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:ceph_storage:6.0",
                    "FormattedString": "cpe:2.3:a:redhat:ceph_storage:6.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:advanced_cluster_security:4.0",
                    "FormattedString": "cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:advanced_cluster_security:3.0",
                    "FormattedString": "cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:putty:putty",
                    "FormattedString": "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "0.80",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:proftpd:proftpd",
                    "FormattedString": "cpe:2.3:a:proftpd:proftpd:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "1.3.8b"
                },
                {
                    "URI": "cpe:/a:paramiko:paramiko",
                    "FormattedString": "cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "3.4.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:panic:transmit_5",
                    "FormattedString": "cpe:2.3:a:panic:transmit_5:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "5.10.4",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:panic:nova",
                    "FormattedString": "cpe:2.3:a:panic:nova:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "11.8",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oryx-embedded:cyclone_ssh",
                    "FormattedString": "cpe:2.3:a:oryx-embedded:cyclone_ssh:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2.3.4",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:openbsd:openssh",
                    "FormattedString": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "9.6",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netsarang:xshell_7",
                    "FormattedString": "cpe:2.3:a:netsarang:xshell_7:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "build__0144",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netgate:pfsense_plus",
                    "FormattedString": "cpe:2.3:a:netgate:pfsense_plus:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "23.09.1"
                },
                {
                    "URI": "cpe:/a:netgate:pfsense_ce",
                    "FormattedString": "cpe:2.3:a:netgate:pfsense_ce:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "2.7.2"
                },
                {
                    "URI": "cpe:/a:net-ssh:net-ssh:7.2.0::~~~ruby~~",
                    "FormattedString": "cpe:2.3:a:net-ssh:net-ssh:7.2.0:*:*:*:*:ruby:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:microsoft:powershell",
                    "FormattedString": "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "11.1.0"
                },
                {
                    "URI": "cpe:/a:matez:jsch",
                    "FormattedString": "cpe:2.3:a:matez:jsch:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "0.2.15",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:libssh:libssh",
                    "FormattedString": "cpe:2.3:a:libssh:libssh:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "0.10.6",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:libssh2:libssh2",
                    "FormattedString": "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "1.11.10",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:jadaptive:maverick_synergy_java_ssh_api",
                    "FormattedString": "cpe:2.3:a:jadaptive:maverick_synergy_java_ssh_api:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "3.1.0-snapshot",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:crypto",
                    "FormattedString": "cpe:2.3:a:golang:crypto:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "0.17.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:gentoo:security:-",
                    "FormattedString": "cpe:2.3:a:gentoo:security:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:filezilla-project:filezilla_client",
                    "FormattedString": "cpe:2.3:a:filezilla-project:filezilla_client:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "3.66.4",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:erlang:erlang%2fotp",
                    "FormattedString": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "26.2.1",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:dropbear_ssh_project:dropbear_ssh",
                    "FormattedString": "cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2022.83",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:crushftp:crushftp",
                    "FormattedString": "cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "10.6.0"
                },
                {
                    "URI": "cpe:/a:crushftp:crushftp",
                    "FormattedString": "cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "10.6.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:crates:thrussh",
                    "FormattedString": "cpe:2.3:a:crates:thrussh:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "0.35.1",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:connectbot:sshlib",
                    "FormattedString": "cpe:2.3:a:connectbot:sshlib:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2.2.22",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:bitvise:ssh_server",
                    "FormattedString": "cpe:2.3:a:bitvise:ssh_server:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "9.32",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:bitvise:ssh_client",
                    "FormattedString": "cpe:2.3:a:bitvise:ssh_client:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "9.33",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:asyncssh_project:asyncssh",
                    "FormattedString": "cpe:2.3:a:asyncssh_project:asyncssh:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "2.14.2",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:apache:sshj",
                    "FormattedString": "cpe:2.3:a:apache:sshj:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "0.37.0"
                },
                {
                    "URI": "cpe:/a:apache:sshd",
                    "FormattedString": "cpe:2.3:a:apache:sshd:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "2.11.0"
                },
                {
                    "URI": "cpe:/a:9bis:kitty",
                    "FormattedString": "cpe:2.3:a:9bis:kitty:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "0.76.1.13"
                }
            ]
        },
        "Official": {
            "Unreleased": {
                "source": {
                    "64784": "https://github.com/golang/go/issues/64784"
                }
            }
        }
    },
    "CVE-2023-3978": {
        "CVE-ID": "CVE-2023-3978",
        "NVD": {
            "Descriptions": "Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 6.1,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:networking:::~~~go~~",
                    "FormattedString": "cpe:2.3:a:golang:networking:*:*:*:*:*:go:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "0.13.0",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "Unreleased": {
                "source": {
                    "63805": "https://github.com/golang/go/issues/63805",
                    "61615": "https://github.com/golang/go/issues/61615"
                }
            }
        }
    },
    "CVE-2023-29408": {
        "CVE-ID": "CVE-2023-29408",
        "NVD": {
            "Descriptions": "The TIFF decoder does not place a limit on the size of compressed tile data. A maliciously-crafted image can exploit this to cause a small image (both in terms of pixel width/height, and encoded size) to make the decoder decode large amounts of compressed data, consuming excessive memory and CPU.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 6.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:38",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:37",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:image:::~~~go~~",
                    "FormattedString": "cpe:2.3:a:golang:image:*:*:*:*:*:go:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "0.10.0",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "Unreleased": {
                "source": {
                    "61582": "https://github.com/golang/go/issues/61582"
                }
            }
        }
    },
    "CVE-2023-29407": {
        "CVE-ID": "CVE-2023-29407",
        "NVD": {
            "Descriptions": "A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size (width * height) appearing to be zero.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 6.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:fedoraproject:fedora:38",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:37",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:golang:image:::~~~go~~",
                    "FormattedString": "cpe:2.3:a:golang:image:*:*:*:*:*:go:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "0.10.0",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "Unreleased": {
                "source": {
                    "61581": "https://github.com/golang/go/issues/61581"
                }
            }
        }
    },
    "CVE-2022-32149": {
        "CVE-ID": "CVE-2022-32149",
        "NVD": {
            "Descriptions": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/a:golang:text",
                    "FormattedString": "cpe:2.3:a:golang:text:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "0.3.8",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "Unreleased": {
                "source": {
                    "56152": "https://github.com/golang/go/issues/56152"
                }
            }
        }
    },
    "CVE-2022-30636": {
        "CVE-ID": "CVE-2022-30636",
        "NVD": {
            "Descriptions": "httpTokenCacheKey uses path.Base to extract the expected HTTP-01 token value to lookup in the DirCache implementation. On Windows, path.Base acts differently to filepath.Base, since Windows uses a different path separator (\\ vs. /), allowing a user to provide a relative path, i.e. .well-known/acme-challenge/..\\..\\asd becomes ..\\..\\asd. The extracted path is then suffixed with +http-01, joined with the cache directory, and opened. Since the controlled path is suffixed with +http-01 before opening, the impact of this is significantly limited, since it only allows reading arbitrary files on the system if and only if they have this suffix.",
            "Cvss2_BaseScore": 0,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "CPEs": []
        },
        "Official": {
            "Unreleased": {
                "source": {
                    "53082": "https://github.com/golang/go/issues/53082"
                }
            }
        }
    },
    "CVE-2020-11022": {
        "CVE-ID": "CVE-2020-11022",
        "NVD": {
            "Descriptions": "In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.",
            "Cvss2_BaseScore": 4.3,
            "Cvss3_BaseScore": 6.1,
            "Cvss2_VectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "Cvss3_VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "CPEs": [
                {
                    "URI": "cpe:/o:opensuse:leap:15.2",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:opensuse:leap:15.1",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:netapp:h700s_firmware:-",
                    "FormattedString": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:netapp:h700e_firmware:-",
                    "FormattedString": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:netapp:h500s_firmware:-",
                    "FormattedString": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:netapp:h500e_firmware:-",
                    "FormattedString": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:netapp:h410s_firmware:-",
                    "FormattedString": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:netapp:h410c_firmware:-",
                    "FormattedString": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:netapp:h300s_firmware:-",
                    "FormattedString": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:netapp:h300e_firmware:-",
                    "FormattedString": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:33",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:32",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:31",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:tenable:log_correlation_engine",
                    "FormattedString": "cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "6.0.9",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:weblogic_server:14.1.1.0.0",
                    "FormattedString": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:weblogic_server:14.1.1.0.0",
                    "FormattedString": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:weblogic_server:12.2.1.4.0",
                    "FormattedString": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:weblogic_server:12.2.1.4.0",
                    "FormattedString": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:weblogic_server:12.2.1.3.0",
                    "FormattedString": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:weblogic_server:12.2.1.3.0",
                    "FormattedString": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:weblogic_server:12.1.3.0.0",
                    "FormattedString": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:weblogic_server:12.1.3.0.0",
                    "FormattedString": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:weblogic_server:10.3.6.0.0",
                    "FormattedString": "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:weblogic_server:10.3.6.0.0",
                    "FormattedString": "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:storagetek_acsls:8.5.1",
                    "FormattedString": "cpe:2.3:a:oracle:storagetek_acsls:8.5.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:siebel_ui_framework:20.8",
                    "FormattedString": "cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:siebel_ui_framework:20.8",
                    "FormattedString": "cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:retail_returns_management:14.1",
                    "FormattedString": "cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:retail_returns_management:14.1",
                    "FormattedString": "cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:retail_returns_management:14.0",
                    "FormattedString": "cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:retail_returns_management:14.0",
                    "FormattedString": "cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:retail_customer_management_and_segmentation_foundation:19.0",
                    "FormattedString": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:retail_customer_management_and_segmentation_foundation:19.0",
                    "FormattedString": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:retail_back_office:14.1",
                    "FormattedString": "cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:retail_back_office:14.1",
                    "FormattedString": "cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:retail_back_office:14.0",
                    "FormattedString": "cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:retail_back_office:14.0",
                    "FormattedString": "cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:policy_automation_for_mobile_devices",
                    "FormattedString": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "12.2.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "12.2.20"
                },
                {
                    "URI": "cpe:/a:oracle:policy_automation_for_mobile_devices",
                    "FormattedString": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "12.2.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "12.2.20"
                },
                {
                    "URI": "cpe:/a:oracle:policy_automation_connector_for_siebel:10.4.6",
                    "FormattedString": "cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:policy_automation_connector_for_siebel:10.4.6",
                    "FormattedString": "cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:policy_automation",
                    "FormattedString": "cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "12.2.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "12.2.20"
                },
                {
                    "URI": "cpe:/a:oracle:policy_automation",
                    "FormattedString": "cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "12.2.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "12.2.20"
                },
                {
                    "URI": "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.58",
                    "FormattedString": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.58",
                    "FormattedString": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.57",
                    "FormattedString": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.57",
                    "FormattedString": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.56",
                    "FormattedString": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.56",
                    "FormattedString": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:jdeveloper:12.2.1.4.0",
                    "FormattedString": "cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:jdeveloper:12.2.1.4.0",
                    "FormattedString": "cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:jdeveloper:12.2.1.3.0",
                    "FormattedString": "cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:jdeveloper:12.2.1.3.0",
                    "FormattedString": "cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:jdeveloper:11.1.1.9.0",
                    "FormattedString": "cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:jdeveloper:11.1.1.9.0",
                    "FormattedString": "cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:insurance_insbridge_rating_and_underwriting",
                    "FormattedString": "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "5.0.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "5.6.0.0"
                },
                {
                    "URI": "cpe:/a:oracle:insurance_insbridge_rating_and_underwriting",
                    "FormattedString": "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "5.0.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "5.6.0.0"
                },
                {
                    "URI": "cpe:/a:oracle:insurance_data_foundation:8.0.6-8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:insurance_data_foundation:8.0.6-8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:insurance_data_foundation",
                    "FormattedString": "cpe:2.3:a:oracle:insurance_data_foundation:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.1.0"
                },
                {
                    "URI": "cpe:/a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8",
                    "FormattedString": "cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8",
                    "FormattedString": "cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:insurance_accounting_analyzer:8.0.9",
                    "FormattedString": "cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:insurance_accounting_analyzer:8.0.9",
                    "FormattedString": "cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:hospitality_simphony:19.1.0-19.1.2",
                    "FormattedString": "cpe:2.3:a:oracle:hospitality_simphony:19.1.0-19.1.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:hospitality_simphony:18.2",
                    "FormattedString": "cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:hospitality_simphony:18.2",
                    "FormattedString": "cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:hospitality_simphony:18.1",
                    "FormattedString": "cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:hospitality_simphony:18.1",
                    "FormattedString": "cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:hospitality_simphony",
                    "FormattedString": "cpe:2.3:a:oracle:hospitality_simphony:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "19.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "19.1.2"
                },
                {
                    "URI": "cpe:/a:oracle:hospitality_materials_control:18.1",
                    "FormattedString": "cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:hospitality_materials_control:18.1",
                    "FormattedString": "cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:healthcare_foundation:7.3.0",
                    "FormattedString": "cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:healthcare_foundation:7.3.0",
                    "FormattedString": "cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:healthcare_foundation:7.2.1",
                    "FormattedString": "cpe:2.3:a:oracle:healthcare_foundation:7.2.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:healthcare_foundation:7.2.1",
                    "FormattedString": "cpe:2.3:a:oracle:healthcare_foundation:7.2.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:healthcare_foundation:7.2.0",
                    "FormattedString": "cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:healthcare_foundation:7.2.0",
                    "FormattedString": "cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:healthcare_foundation:7.1.1",
                    "FormattedString": "cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:healthcare_foundation:7.1.1",
                    "FormattedString": "cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.0.9"
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.0.9"
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_regulatory_reporting_for_european_banking_authority",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.1.0"
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_regulatory_reporting_for_european_banking_authority",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.1.0"
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_profitability_management:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_profitability_management:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_profitability_management:8.0.7",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_profitability_management:8.0.7",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_profitability_management:8.0.6",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_profitability_management:8.0.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_profitability_management:8.0.6",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_profitability_management:8.0.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_price_creation_and_discovery:8.0.7",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_price_creation_and_discovery:8.0.7",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_price_creation_and_discovery:8.0.6",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_price_creation_and_discovery:8.0.6",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_market_risk_measurement_and_management:8.0.8",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_market_risk_measurement_and_management:8.0.8",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_market_risk_measurement_and_management:8.0.6",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_market_risk_measurement_and_management:8.0.6",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_loan_loss_forecasting_and_provisioning",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.0.8"
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_loan_loss_forecasting_and_provisioning",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.0.8"
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_liquidity_risk_management:8.0.6",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_liquidity_risk_management:8.0.6",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_institutional_performance_analytics:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_institutional_performance_analytics:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_institutional_performance_analytics:8.0.7",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_institutional_performance_analytics:8.0.7",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_institutional_performance_analytics:8.0.6",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_institutional_performance_analytics:8.0.6",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_hedge_management_and_ifrs_valuations",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.0.8"
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_hedge_management_and_ifrs_valuations",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.0.8"
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_funds_transfer_pricing:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_funds_transfer_pricing:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_funds_transfer_pricing:8.0.7",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_funds_transfer_pricing:8.0.7",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_funds_transfer_pricing:8.0.6",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_funds_transfer_pricing:8.0.6",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_data_integration_hub:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_data_integration_hub:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_data_integration_hub:8.0.7",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_data_integration_hub:8.0.7",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_data_integration_hub:8.0.6",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_data_integration_hub:8.0.6",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_data_governance_for_us_regulatory_reporting",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.0.9"
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_data_governance_for_us_regulatory_reporting",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.0.9"
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_data_foundation",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.1.0"
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_data_foundation",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.1.0"
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.0.8"
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.0.8"
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_basel_regulatory_capital_basic",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.0.8"
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_basel_regulatory_capital_basic",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.0.8"
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_balance_sheet_planning:8.0.8",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_balance_sheet_planning:8.0.8",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_asset_liability_management:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_asset_liability_management:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_asset_liability_management:8.0.7",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_asset_liability_management:8.0.7",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_asset_liability_management:8.0.6",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_asset_liability_management:8.0.6",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_analytical_applications_reconciliation_framework",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.0.8"
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_analytical_applications_reconciliation_framework",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.0.8"
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_analytical_applications_infrastructure",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.1.0"
                },
                {
                    "URI": "cpe:/a:oracle:financial_services_analytical_applications_infrastructure",
                    "FormattedString": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.6.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.1.0.0.0"
                },
                {
                    "URI": "cpe:/a:oracle:enterprise_session_border_controller:8.4",
                    "FormattedString": "cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:enterprise_session_border_controller:8.4",
                    "FormattedString": "cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:enterprise_manager_ops_center:12.4.0.0",
                    "FormattedString": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:enterprise_manager_ops_center:12.4.0.0",
                    "FormattedString": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:communications_webrtc_session_controller:7.2",
                    "FormattedString": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:communications_webrtc_session_controller:7.2",
                    "FormattedString": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:communications_services_gatekeeper:7.0",
                    "FormattedString": "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:communications_eagle_application_processor",
                    "FormattedString": "cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "16.1.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "16.4.0"
                },
                {
                    "URI": "cpe:/a:oracle:communications_diameter_signaling_router_idih%3a",
                    "FormattedString": "cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\\::*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.2.2"
                },
                {
                    "URI": "cpe:/a:oracle:communications_diameter_signaling_router_idih%3a",
                    "FormattedString": "cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\\::*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.2.2"
                },
                {
                    "URI": "cpe:/a:oracle:communications_billing_and_revenue_management:7.5.0.23.0",
                    "FormattedString": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:communications_billing_and_revenue_management:7.5.0.23.0",
                    "FormattedString": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:communications_billing_and_revenue_management:12.0.0.3.0",
                    "FormattedString": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:communications_billing_and_revenue_management:12.0.0.3.0",
                    "FormattedString": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:communications_application_session_controller:3.8m0",
                    "FormattedString": "cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:communications_application_session_controller:3.8m0",
                    "FormattedString": "cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:blockchain_platform",
                    "FormattedString": "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "21.1.2",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:banking_digital_experience:20.1",
                    "FormattedString": "cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:banking_digital_experience:19.2",
                    "FormattedString": "cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:banking_digital_experience:19.1",
                    "FormattedString": "cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:banking_digital_experience:18.3",
                    "FormattedString": "cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:banking_digital_experience:18.2",
                    "FormattedString": "cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:banking_digital_experience:18.1",
                    "FormattedString": "cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:banking_digital_experience",
                    "FormattedString": "cpe:2.3:a:oracle:banking_digital_experience:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "18.1",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "20.1"
                },
                {
                    "URI": "cpe:/a:oracle:application_testing_suite:13.3.0.1",
                    "FormattedString": "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0",
                    "FormattedString": "cpe:2.3:a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0",
                    "FormattedString": "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:snapcenter:-",
                    "FormattedString": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:snap_creator_framework:-",
                    "FormattedString": "cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:oncommand_system_manager",
                    "FormattedString": "cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "3.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "3.1.3"
                },
                {
                    "URI": "cpe:/a:netapp:oncommand_insight:-",
                    "FormattedString": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:max_data:-",
                    "FormattedString": "cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:jquery:jquery",
                    "FormattedString": "cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.2",
                    "VersionEndExcluding": "3.5.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:drupal:drupal",
                    "FormattedString": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "7.0",
                    "VersionEndExcluding": "7.70",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:drupal:drupal",
                    "FormattedString": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.7.0",
                    "VersionEndExcluding": "8.7.14",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:drupal:drupal",
                    "FormattedString": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.8.0",
                    "VersionEndExcluding": "8.8.6",
                    "VersionEndIncluding": ""
                }
            ]
        },
        "Official": {
            "Unreleased": {
                "source": {
                    "39535": "https://github.com/golang/go/issues/39535"
                }
            }
        }
    },
    "CVE-2019-9512": {
        "CVE-ID": "CVE-2019-9512",
        "NVD": {
            "Descriptions": "Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.",
            "Cvss2_BaseScore": 7.8,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "Cvss3_VectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:debian:debian_linux:10.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:nodejs:node.js:::~~lts~~~",
                    "FormattedString": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "10.13.0",
                    "VersionEndExcluding": "10.16.3",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:nodejs:node.js:::~~lts~~~",
                    "FormattedString": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.9.0",
                    "VersionEndExcluding": "8.16.1",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:nodejs:node.js:::~~-~~~",
                    "FormattedString": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "10.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "10.12.0"
                },
                {
                    "URI": "cpe:/a:nodejs:node.js:::~~-~~~",
                    "FormattedString": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "12.0.0",
                    "VersionEndExcluding": "12.8.1",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:nodejs:node.js:::~~-~~~",
                    "FormattedString": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.8.1"
                },
                {
                    "URI": "cpe:/a:apple:swiftnio",
                    "FormattedString": "cpe:2.3:a:apple:swiftnio:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "1.4.0"
                },
                {
                    "URI": "cpe:/a:apache:traffic_server",
                    "FormattedString": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "6.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "6.2.3"
                },
                {
                    "URI": "cpe:/a:apache:traffic_server",
                    "FormattedString": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "7.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "7.1.6"
                },
                {
                    "URI": "cpe:/a:apache:traffic_server",
                    "FormattedString": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.0.3"
                }
            ]
        },
        "Official": {
            "NOT_IN_MILESTONE": {
                "source": {
                    "33606": "https://github.com/golang/go/issues/33606"
                }
            }
        }
    },
    "CVE-2019-9514": {
        "CVE-ID": "CVE-2019-9514",
        "NVD": {
            "Descriptions": "Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.",
            "Cvss2_BaseScore": 7.8,
            "Cvss3_BaseScore": 7.5,
            "Cvss2_VectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "Cvss3_VectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "CPEs": [
                {
                    "URI": "cpe:/o:synology:vs960hd_firmware:-",
                    "FormattedString": "cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_workstation:7.0",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_server:7.0",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux_eus:8.1",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:redhat:enterprise_linux:8.0",
                    "FormattedString": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:opensuse:leap:15.1",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:opensuse:leap:15.0",
                    "FormattedString": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:30",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:fedoraproject:fedora:29",
                    "FormattedString": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:9.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:10.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:debian:debian_linux:10.0",
                    "FormattedString": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:canonical:ubuntu_linux:19.04",
                    "FormattedString": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:canonical:ubuntu_linux:18.04::~~lts~~~",
                    "FormattedString": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~",
                    "FormattedString": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:synology:skynas:-",
                    "FormattedString": "cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:synology:diskstation_manager:6.2",
                    "FormattedString": "cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:software_collections:1.0",
                    "FormattedString": "cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:single_sign-on:7.3",
                    "FormattedString": "cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:quay:3.0.0",
                    "FormattedString": "cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openstack:14",
                    "FormattedString": "cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_service_mesh:1.0",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_service_mesh:1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_container_platform:4.2",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_container_platform:4.2:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_container_platform:4.1",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_container_platform:3.9",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_container_platform:3.11",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:openshift_container_platform:3.10",
                    "FormattedString": "cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3.0",
                    "FormattedString": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2.0",
                    "FormattedString": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:jboss_core_services:1.0",
                    "FormattedString": "cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:redhat:developer_tools:1.0",
                    "FormattedString": "cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:oracle:graalvm:19.2.0::~~enterprise~~~",
                    "FormattedString": "cpe:2.3:a:oracle:graalvm:19.2.0:*:*:*:enterprise:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:nodejs:node.js:::~~lts~~~",
                    "FormattedString": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "10.13.0",
                    "VersionEndExcluding": "10.16.3",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:nodejs:node.js:::~~lts~~~",
                    "FormattedString": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.9.0",
                    "VersionEndExcluding": "8.16.1",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:nodejs:node.js:::~~-~~~",
                    "FormattedString": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "10.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "10.12.0"
                },
                {
                    "URI": "cpe:/a:nodejs:node.js:::~~-~~~",
                    "FormattedString": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "12.0.0",
                    "VersionEndExcluding": "12.8.1",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:nodejs:node.js:::~~-~~~",
                    "FormattedString": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.8.1"
                },
                {
                    "URI": "cpe:/a:netapp:trident:-",
                    "FormattedString": "cpe:2.3:a:netapp:trident:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:netapp:cloud_insights:-",
                    "FormattedString": "cpe:2.3:a:netapp:cloud_insights:-:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:mcafee:web_gateway",
                    "FormattedString": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "7.7.2.0",
                    "VersionEndExcluding": "7.7.2.24",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:mcafee:web_gateway",
                    "FormattedString": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "7.8.2.0",
                    "VersionEndExcluding": "7.8.2.13",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:mcafee:web_gateway",
                    "FormattedString": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.1.0",
                    "VersionEndExcluding": "8.2.0",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_local_traffic_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "11.6.1",
                    "VersionEndExcluding": "11.6.5.1",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_local_traffic_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "12.1.0",
                    "VersionEndExcluding": "12.1.5.1",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_local_traffic_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "13.1.0",
                    "VersionEndExcluding": "13.1.3.2",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_local_traffic_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.0.0",
                    "VersionEndExcluding": "14.0.1.1",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_local_traffic_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "14.1.0",
                    "VersionEndExcluding": "14.1.2.1",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:f5:big-ip_local_traffic_manager",
                    "FormattedString": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "15.0.0",
                    "VersionEndExcluding": "15.0.1.1",
                    "VersionEndIncluding": ""
                },
                {
                    "URI": "cpe:/a:apple:swiftnio",
                    "FormattedString": "cpe:2.3:a:apple:swiftnio:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "1.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "1.4.0"
                },
                {
                    "URI": "cpe:/a:apache:traffic_server",
                    "FormattedString": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "6.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "6.2.3"
                },
                {
                    "URI": "cpe:/a:apache:traffic_server",
                    "FormattedString": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "7.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "7.1.6"
                },
                {
                    "URI": "cpe:/a:apache:traffic_server",
                    "FormattedString": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
                    "VersionStartExcluding": "",
                    "VersionStartIncluding": "8.0.0",
                    "VersionEndExcluding": "",
                    "VersionEndIncluding": "8.0.3"
                }
            ]
        },
        "Official": {
            "NOT_IN_MILESTONE": {
                "source": {
                    "33606": "https://github.com/golang/go/issues/33606"
                }
            }
        }
    }
}