{"document":{"acknowledgments":[{"urls":["https://kb.cert.org/vuls/id/421644#acknowledgements"]}],"category":"CERT/CC Vulnerability Note","csaf_version":"2.0","notes":[{"category":"summary","text":"### Overview\r\n\r\nHTTP allows messages to include named fields in both header and trailer sections. These header and trailer fields are serialised as field blocks in HTTP/2, so that they can be transmitted in multiple fragments to the target implementation. Many HTTP/2 implementations do not properly limit or sanitize the amount of CONTINUATION frames sent within a single stream. An attacker that can send packets to a target server can send a stream of CONTINUATION frames that will not be appended to the header list in memory but will still be processed and decoded by the server or will be appended to the header list, causing an out of memory (OOM) crash.\r\n\r\n### Description\r\n\r\nHTTP/2 utilizes header fields within HTTP request and response messages. Header fields can comprise header lists, which in turn are broken into header blocks. These header blocks are transmitted in multiple fragments to the target implementation. HTTP/2 CONTINUATION frames are used to continue a sequence of field block fragments. They are utilized in order to split header blocks across multiple frames. The other two types of header block fragments are HEADERS or PUSH_PROMISE. CONTINUATION frames can be utilized to continue a header block fragment that could not be transmitted by the HEADERS or PUSH_PROMISE frames. A header block is considered completed when the server receives a set END_HEADERS flag. This is intended to denote that there are no further CONTINUATION, HEADERS, or PUSH_PROMISE frames. A vulnerability has been discovered within multiple implementations that does not limit the amount of CONTINUATION frames that can be sent within a single stream.\r\n\r\nThe implementation will continue to receive frames as long as the END_HEADERS flag is not set during these communications. An attacker can initialize a connection to a server with typical HTTP/2 frames and then receive initial frames from the server. The attacker can then begin an HTTP request with no set END_HEADERS flags. This can allow an attacker to send a stream of CONTINUATION frames to the target server, which can result in an out-of-memory crash, enabling an attacker to launch a denial of service (DoS) attack against a target server using a vulnerable implementation.\r\n\r\nAdditionally, an attacker can send HPACK Huffman encoded CONTINUATION frames to a target implementation. This can cause CPU resource exhaustion and result in a DoS as the the CPU must decode every encoded frame that it receives.\r\n\r\nBelow are several CVE listings to reflect the vulnerability within different implementations. \r\n\r\n**CVE-2024-27983**\r\n\r\n\r\nAn attacker can make the Node.js HTTP/2 server unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a TCP connection is abruptly closed by the client triggering the Http2Session destructor while header frames are still being processed (and stored in memory) causing a race condition.\r\n\r\n**CVE-2024-27919**\r\n\r\n\r\nEnvoy's oghttp codec does not reset a request when header map limits have been exceeded. This allows an attacker to send an sequence of CONTINUATION frames without the END_HEADERS bit set causing unlimited memory consumption.\r\n\r\n**CVE-2024-2758**\r\n\r\n\r\nTempesta FW rate limits are not enabled by default. They are either set too large to capture empty CONTINUATION frames attacks or too small to handle normal HTTP requests appropriately.\r\n\r\n**CVE-2024-2653**\r\n\r\n\r\namphp/http will collect HTTP/2 CONTINUATION frames in an unbounded buffer and will not check the header size limit until it has received the END_HEADERS flag, resulting in an OOM crash. amphp/http-client and amphp/http-server are indirectly affected if they're used with an unpatched version of amphp/http. Early versions of amphp/http-client with HTTP/2 support (v4.0.0-rc10 to 4.0.0) are also directly affected.\r\n\r\n**CVE-2023-45288**\r\n\r\n\r\nThe Go packages net/http and net/http2 packages do not limit the number of CONTINUATION frames read for an HTTP/2 request, which permits an attacker to provide an arbitrarily large set of headers for a single request, that will be read, decoded, and subsequently discarded, which may result in excessive CPU consumption.\r\n\r\n**CVE-2024-28182**\r\n\r\n\r\nAn implementation using the nghttp2 library will continue to receive CONTINUATION frames, and will not callback to the application to allow visibility into this information before it resets the stream, resulting in a DoS.\r\n\r\n**CVE-2024-27316**\r\n\r\n\r\nHTTP/2 CONTINUATION frames without the END_HEADERS flag set can be sent in a continuous stream by an attacker to an Apache Httpd implementation, which will not properly terminate the request early.\r\n\r\n**CVE-2024-31309**\r\n\r\n\r\nHTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server. Version from 8.0.0 through 8.1.9, from 9.0.0 through 9.2.3 are affected.\r\n\r\n**CVE-2024-30255**\r\n\r\n\r\nHTTP/2 protocol stack in Envoy versions 1.29.2 or earlier are vulnerable to CPU exhaustion due to flood of CONTINUATION frames.\r\nEnvoys HTTP/2 codec allows the client to send an unlimited number of CONTINUATION frames even after exceeding Envoys header map limits. This allows an attacker to send a sequence of CONTINUATION frames without the END_HEADERS bit set causing CPU utilization, consuming approximately 1 core per 300Mbit/s of traffic.\r\n\r\n### Impact\r\n\r\nSuccessful exploitation of this vulnerability can allow an attacker the capability to launch DoS attacks against servers utilizing vulnerable implementations. \r\n\r\n### Solution\r\n\r\nDifferent HTTP/2 implementations may have separate, unique vulnerabilities specific to that implementation. It is important to note that it may be difficult to analyze incoming malicious traffic exploiting this vulnerability as the HTTP request is not properly completed. Analysis of raw HTTP traffic may be necessary to determine an attack utilizing this vulnerability.\r\n\r\n### Acknowledgements\r\n\r\nThank you to Bartek Nowotarski for reporting the vulnerability. This document was written by Christopher Cullen.","title":"Summary"},{"category":"legal_disclaimer","text":"THIS DOCUMENT IS PROVIDED ON AN 'AS IS' BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. ","title":"Legal Disclaimer"},{"category":"other","text":"CERT/CC Vulnerability Note is a limited advisory. It primarily identifies vendors impacted by the advisory and not specific products. We only support \"known_affected\" and \"known_not_affected\" status. Please consult the vendor's statements and advisory URL if provided by the vendor for more details ","title":"Limitations of Advisory"},{"category":"other","text":"This is not a specification vulnerability.\r\n\r\nRFC 9113 already cautions implementations about the possibility of Denial of Service due to 'large numbers of small or empty frames.'","title":"Vendor statment from IETF HTTP Working Group"},{"category":"other","text":"Cisco has a list of products that leverage HTTP/2 bugs have been opened for investigation now this is public. Cisco will communicate these vulnerabilities status via CVR (https://sec.cloudapps.cisco.com/security/center/cvr).","title":"Vendor statment from Cisco"},{"category":"other","text":"Memory consumption in Varnish in processing HPACK is limited to a fixed buffer size, regardless of the size of the incoming header set.\r\nThus Varnish is not at any risk of runaway memory consumption due to an arbitrarily large incoming header set. After this buffer is exceeded, Varnish will keep processing CONTINUATION frames and perform dynamic table updates correspondingly. Thus keeping the HPACK state consistent for future streams on the same connection.","title":"Vendor statment from Varnish Software"},{"category":"other","text":"The Go packages `net/http` and `golang.org/x/net/http2` packages set a configurable limit on the size of headers for a request. They do not, however, limit the number of `CONTINUATION` frames read for an HTTP/2 request. This permits an attacker to provide an arbitrarily large set of headers for a single request, which will be read, decoded, and subsequently discarded. This attack vector does not permit an attacker to cause memory exhaustion, since excessive headers will be discarded. It may permit an attacker to cause excessive CPU consumption.\r\n\r\nWe intend to release a fix for this vulnerability when the release embargo ends.","title":"Vendor statment from Go Programming Language"},{"category":"other","text":"HTTP/2 attacks involving CONTINUATION headers do not impact the resource utilization of F5 products (including BIG-IP products, NGINX and F5 Distributed Cloud).\r\n\r\nAs with other DoS vectors (HTTP/1.x and HTTP/2), for NGINX F5 recommends tuning the following settings to suit your environment (worker_rlimit_nofile, worker_connections, keepalive_timeout, client_header_timeout). Similarly, F5 recommends configuring appropriate limits and protections for BIG-IP products (e.g., AFM DoS Profiles, ASM DoS Profiles, Virtual Server connection limits and timeouts and, for HTTP/2, the Concurrent Streams Per Connection setting).","title":"Vendor statment from F5 Networks"},{"category":"other","text":"Arista Networks has products affected by these vulnerabilities. Complete details on affected products and impact can be found at: https://www.arista.com/en/support/advisories-notices/security-advisory/19221-security-advisory-0094","title":"Vendor statment from Arista Networks"},{"category":"other","text":"The lighttpd web server is not specifically vulnerable to DoS attacks utilizing HTTP/2 CONTINUATION frames.  lighttpd memory allocation while collecting raw HEADERS + CONTINUATION frames is bounded to < 64k; lighttpd limits the raw HEADERS + CONTINUATION frames to 64k (not HPACK-decoded) and lighttpd does not spend any resources HPACK-decoding until after END_HEADERS is received (which does not occur in this CONTINUATION frame attack).  CPU usage by lighttpd is minimal to append CONTINUATION frames to the stream buffer for HEADERS.  lighttpd will not get stuck servicing a single HTTP/2 connection, as lighttpd performs a single recv() on an HTTP/2 socket, processes complete HTTP/2 frames, and then goes on to process other sockets with pending events.","title":"Vendor statment from lighttpd"},{"category":"other","text":"amphp/http will collect HTTP/2 CONTINUATION frames in an unbounded buffer and will not check the header size limit until it has received the END_HEADERS flag, resulting in an OOM crash. amphp/http-client and amphp/http-server are indirectly affected if they're used with an unpatched version of amphp/http. Early versions of amphp/http-client with HTTP/2 support (v4.0.0-rc10 to 4.0.0) are also directly affected.","title":"Vendor statment from AMPHP"},{"category":"other","text":"Muonics does not implement HTTP/2 or use any HTTP/2 implementations in any of its products at this time.","title":"Vendor statment from Muonics Inc."},{"category":"other","text":"HTTP/2 support in Junos OS and Junos OS Evolved is limited to nginx, which is used for telemetry starting in 24.1.  According to the researcher, nginx is not vulnerable to this issue.","title":"Vendor statment from Juniper Networks"},{"category":"other","text":"Eclipse Jetty and Vert.X are not affected by this issue.","title":"Vendor statment from Eclipse Foundation"},{"category":"other","text":"eCosPro RTOS does not contain http2 implementation","title":"Vendor statment from eCosCentric"},{"category":"other","text":"Wireshark uses CONTINUATION frames to keep track of the header state and uses the nghttp2 library for decompression, but does not appear to be affected by these issues.","title":"Vendor statment from Wireshark"}],"publisher":{"category":"coordinator","contact_details":"Email: cert@cert.org, Phone: +1412 268 5800","issuing_authority":"CERT/CC under DHS/CISA https://www.cisa.gov/cybersecurity also see https://kb.cert.org/ ","name":"CERT/CC","namespace":"https://kb.cert.org/"},"references":[{"url":"https://certcc.github.io/certcc_disclosure_policy","summary":"CERT/CC vulnerability disclosure policy"},{"summary":"CERT/CC document released","category":"self","url":"https://kb.cert.org/vuls/id/421644"},{"url":"https://nowotarski.info/","summary":"https://nowotarski.info/"},{"url":"https://datatracker.ietf.org/doc/html/rfc7540","summary":"https://datatracker.ietf.org/doc/html/rfc7540"},{"url":"https://www.kb.cert.org/vuls/id/605641/","summary":"https://www.kb.cert.org/vuls/id/605641/"},{"url":"https://vuls.cert.org/confluence/pages/viewpage.action?pageId=56393752","summary":"https://vuls.cert.org/confluence/pages/viewpage.action?pageId=56393752"},{"url":"https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md","summary":"https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"},{"url":"https://httpwg.org/specs/rfc9113.html#dos","summary":"Reference(s) from vendor \"IETF HTTP Working Group\""},{"url":"https://github.com/amphp/http/security/advisories/GHSA-qjfw-cvjf-f4fm","summary":"Reference(s) from vendor \"AMPHP\""},{"url":"https://github.com/amphp/http-client/security/advisories/GHSA-w8gf-g2vq-j2f4","summary":"Reference(s) from vendor \"AMPHP\""},{"url":"https://blog.litespeedtech.com/2024/04/04/not-vulnerable-to-http-2-continuation-flood/","summary":"Reference(s) from vendor \"LiteSpeed Technologies\""}],"title":"HTTP/2 CONTINUATION frames can be utilized for DoS attacks","tracking":{"current_release_date":"2024-07-19T11:21:11+00:00","generator":{"engine":{"name":"VINCE","version":"3.0.35"}},"id":"VU#421644","initial_release_date":"2024-04-03 17:15:18.031722+00:00","revision_history":[{"date":"2024-07-19T11:21:11+00:00","number":"1.20240719112111.18","summary":"Released on 2024-07-19T11:21:11+00:00"}],"status":"final","version":"1.20240719112111.18"}},"vulnerabilities":[{"title":"IBM WebSphere Application Server Liberty 18.","notes":[{"category":"summary","text":"IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.3 is vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources."}],"cve":"CVE-2024-27268","ids":[{"system_name":"CERT/CC V Identifier ","text":"VU#421644"}],"product_status":{"known_not_affected":["CSAFPID-c7a1e598-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a21fae-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a24f2e-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a2b946-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a2e740-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a327e6-3770-11f1-8422-122e2785dc9f"]}},{"title":"An implementation using the nghttp2 library will continue to receive CONTINUATION frames, and will not callback to the application to allow visibility into this information before it resets the stream, resulting in a DoS.","notes":[{"category":"summary","text":"An implementation using the nghttp2 library will continue to receive CONTINUATION frames, and will not callback to the application to allow visibility into this information before it resets the stream, resulting in a DoS."}],"cve":"CVE-2024-28182","ids":[{"system_name":"CERT/CC V Identifier ","text":"VU#421644"}],"references":[{"url":"https://www.ecoscentric.com","summary":"eCosPro RTOS does not contain nghttp2 library","category":"external"},{"url":"https://sec.cloudapps.cisco.com/security/center/cvr?cveIdList=CVE-2024-28182#~cve","summary":"https://sec.cloudapps.cisco.com/security/center/cvr?cveIdList=CVE-2024-28182#~cve","category":"external"}],"product_status":{"known_affected":["CSAFPID-c7a51bc8-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a768b0-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a9b37c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7aaf688-3770-11f1-8422-122e2785dc9f"],"known_not_affected":["CSAFPID-c7a38dda-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a42bfa-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a47aa6-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a4bade-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a5b1b4-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a61230-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a66a64-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a6a786-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a6d0ee-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a7104a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a74056-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a7dcbe-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a85572-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a8a914-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a8ef14-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a91d4a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a950d0-3770-11f1-8422-122e2785dc9f","CSAFPID-c7a9ec2a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7aa30a4-3770-11f1-8422-122e2785dc9f","CSAFPID-c7aa79ba-3770-11f1-8422-122e2785dc9f","CSAFPID-c7aabb96-3770-11f1-8422-122e2785dc9f"]}},{"title":"The Go packages net/http and golang.","notes":[{"category":"summary","text":"The Go packages net/http and golang.org/x/net/http2 packages do not limit the number of CONTINUATION frames read for an HTTP/2 request, which permits an attacker to provide an arbitrarily large set of headers for a single request, that will be read, decoded, and subsequently discarded, which may result in excessive CPU consumption."}],"cve":"CVE-2023-45288","ids":[{"system_name":"CERT/CC V Identifier ","text":"VU#421644"}],"references":[{"url":"https://httpwg.org/specs/rfc9113.html#dos","summary":"eCosPro RTOS does not contain Go packages net/http and golang.org/x/net/http2","category":"external"},{"url":"https://doc.ecoscentric.com/ref/index.html","summary":"eCosPro RTOS does not contain Go packages net/http and golang.org/x/net/http2","category":"external"},{"url":"https://sec.cloudapps.cisco.com/security/center/cvr?cveIdList=CVE-2023-45288#~cve","summary":"https://sec.cloudapps.cisco.com/security/center/cvr?cveIdList=CVE-2023-45288#~cve","category":"external"}],"product_status":{"known_affected":["CSAFPID-c7acb9f0-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ace7d6-3770-11f1-8422-122e2785dc9f","CSAFPID-c7add8b2-3770-11f1-8422-122e2785dc9f","CSAFPID-c7aed000-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b0e0c0-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b245d2-3770-11f1-8422-122e2785dc9f"],"known_not_affected":["CSAFPID-c7ab6672-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ab9e8a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7abd10c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ac2b20-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ac5302-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ac81d8-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ad200c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ad4adc-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ad725a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ad9a50-3770-11f1-8422-122e2785dc9f","CSAFPID-c7adfee6-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ae4266-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ae83b6-3770-11f1-8422-122e2785dc9f","CSAFPID-c7af2e7e-3770-11f1-8422-122e2785dc9f","CSAFPID-c7af5548-3770-11f1-8422-122e2785dc9f","CSAFPID-c7af7e38-3770-11f1-8422-122e2785dc9f","CSAFPID-c7afbbbe-3770-11f1-8422-122e2785dc9f","CSAFPID-c7afe544-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b03148-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b0694c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b0a74a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b11464-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b13e26-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b19d44-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b1eb1e-3770-11f1-8422-122e2785dc9f"]}},{"title":"amphp/http will collect CONTINUATION frames in an unbounded buffer and will not check a limit until it has received the set END_HEADERS flag, resulting in an OOM crash.","notes":[{"category":"summary","text":"amphp/http will collect CONTINUATION frames in an unbounded buffer and will not check a limit until it has received the set END_HEADERS flag, resulting in an OOM crash."}],"cve":"CVE-2024-2653","ids":[{"system_name":"CERT/CC V Identifier ","text":"VU#421644"}],"references":[{"url":"https://doc.ecoscentric.com/ref/index.html","summary":"eCosPro RTOS does not provide AMPHP","category":"external"}],"product_status":{"known_affected":["CSAFPID-c7b4efda-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b803dc-3770-11f1-8422-122e2785dc9f"],"known_not_affected":["CSAFPID-c7b2d48e-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b35486-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b38604-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b3ade6-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b3d514-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b44b98-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b4776c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b4af3e-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b54264-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b57676-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b5b686-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b5dfa8-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b63958-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b66fea-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b6cac6-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b6fe06-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b7485c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b7861e-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b7b88c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b8545e-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b89e8c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b8d7da-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b912fe-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b9401c-3770-11f1-8422-122e2785dc9f"]}},{"title":"Tempesta FW rate limits are not enabled by default.","notes":[{"category":"summary","text":"Tempesta FW rate limits are not enabled by default. They are either set too large to capture empty CONTINUATION frames attacks or too small to handle normal HTTP requests appropriately."}],"cve":"CVE-2024-2758","ids":[{"system_name":"CERT/CC V Identifier ","text":"VU#421644"}],"references":[{"url":"https://doc.ecoscentric.com/ref/index.html","summary":"No Cisco products are known to run Temesta FW.","category":"external"},{"url":"https://sec.cloudapps.cisco.com/security/center/cvr?cveIdList=CVE-2024-2758#~cve","summary":"No Cisco products are known to run Temesta FW.","category":"external"}],"product_status":{"known_not_affected":["CSAFPID-c7b9b86c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7b9e77e-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ba5c68-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ba8e0e-3770-11f1-8422-122e2785dc9f","CSAFPID-c7bab6a4-3770-11f1-8422-122e2785dc9f","CSAFPID-c7baec3c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7bb164e-3770-11f1-8422-122e2785dc9f","CSAFPID-c7bb657c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7bb8e9e-3770-11f1-8422-122e2785dc9f","CSAFPID-c7bbc1b6-3770-11f1-8422-122e2785dc9f","CSAFPID-c7bbf550-3770-11f1-8422-122e2785dc9f","CSAFPID-c7bc2ffc-3770-11f1-8422-122e2785dc9f","CSAFPID-c7bc57e8-3770-11f1-8422-122e2785dc9f","CSAFPID-c7bc845c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7bcbf12-3770-11f1-8422-122e2785dc9f","CSAFPID-c7bd059e-3770-11f1-8422-122e2785dc9f","CSAFPID-c7bd3c9e-3770-11f1-8422-122e2785dc9f","CSAFPID-c7bd6782-3770-11f1-8422-122e2785dc9f","CSAFPID-c7bd9720-3770-11f1-8422-122e2785dc9f","CSAFPID-c7bdc61e-3770-11f1-8422-122e2785dc9f","CSAFPID-c7bdf92c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7be2276-3770-11f1-8422-122e2785dc9f","CSAFPID-c7be49cc-3770-11f1-8422-122e2785dc9f","CSAFPID-c7be7e24-3770-11f1-8422-122e2785dc9f","CSAFPID-c7beae3a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7bee026-3770-11f1-8422-122e2785dc9f"]}},{"title":"Envoy's oghttp codec does not reset a request when header map limits have been exceeded.","notes":[{"category":"summary","text":"Envoy's oghttp codec does not reset a request when header map limits have been exceeded. This allows an attacker to send an sequence of CONTINUATION frames without the END_HEADERS bit set causing unlimited memory consumption."}],"cve":"CVE-2024-27919","ids":[{"system_name":"CERT/CC V Identifier ","text":"VU#421644"}],"references":[{"url":"https://doc.ecoscentric.com/ref/index.html","summary":"eCosPro RTOS does not provide HTTP/2 library","category":"external"}],"product_status":{"known_not_affected":["CSAFPID-c7bf5b46-3770-11f1-8422-122e2785dc9f","CSAFPID-c7bfcf2c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c01f90-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c06a4a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c0d20a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c17336-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c1fa86-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c23bcc-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c27f7e-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c2a9e0-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c2d30c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c30eda-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c3611e-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c39648-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c3c0dc-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c3f638-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c42aae-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c475f4-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c4a704-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c4df44-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c53ef8-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c575b2-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c5ad2a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c5e560-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c61ed6-3770-11f1-8422-122e2785dc9f"]}},{"title":"HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server.","notes":[{"category":"summary","text":"HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server. Version from 8.0.0 through 8.1.9, from 9.0.0 through 9.2.3 are affected."}],"cve":"CVE-2024-31309","ids":[{"system_name":"CERT/CC V Identifier ","text":"VU#421644"}],"references":[{"url":"https://doc.ecoscentric.com/ref/index.html","summary":"eCosPro RTOS does not contain Apache code","category":"external"}],"product_status":{"known_affected":["CSAFPID-c7c8b290-3770-11f1-8422-122e2785dc9f"],"known_not_affected":["CSAFPID-c7c6a130-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c6d47a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c7634a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c79b62-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c7f74c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c82d20-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c85da4-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c88a86-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c8e562-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c9694c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c9b6b8-3770-11f1-8422-122e2785dc9f","CSAFPID-c7c9feac-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ca40ba-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ca6e00-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ca9cd6-3770-11f1-8422-122e2785dc9f","CSAFPID-c7cae150-3770-11f1-8422-122e2785dc9f","CSAFPID-c7cb5496-3770-11f1-8422-122e2785dc9f","CSAFPID-c7cb8be6-3770-11f1-8422-122e2785dc9f","CSAFPID-c7cbc80e-3770-11f1-8422-122e2785dc9f","CSAFPID-c7cc0cce-3770-11f1-8422-122e2785dc9f","CSAFPID-c7cc6476-3770-11f1-8422-122e2785dc9f"]}},{"title":"HTTP/2 protocol stack in Envoy versions 1.","notes":[{"category":"summary","text":"HTTP/2 protocol stack in Envoy versions 1.29.2 or earlier are vulnerable to CPU exhaustion due to flood of CONTINUATION frames.\r\n\r\nEnvoy's HTTP/2 codec allows the client to send an unlimited number of CONTINUATION frames even after exceeding Envoy's header map limits. This allows an attacker to send a sequence of CONTINUATION frames without the END_HEADERS bit set causing CPU utilization, consuming approximately 1 core per 300Mbit/s of traffic."}],"cve":"CVE-2024-30255","ids":[{"system_name":"CERT/CC V Identifier ","text":"VU#421644"}],"references":[{"url":"https://doc.ecoscentric.com/ref/index.html","summary":"Cisco will update Cisco Vulnerability Repository with any impact.","category":"external"},{"url":"https://sec.cloudapps.cisco.com/security/center/cvr?cveIdList=CVE-2024-30255#~cve","summary":"Cisco will update Cisco Vulnerability Repository with any impact.","category":"external"}],"product_status":{"known_affected":["CSAFPID-c7ce9a70-3770-11f1-8422-122e2785dc9f"],"known_not_affected":["CSAFPID-c7ccd488-3770-11f1-8422-122e2785dc9f","CSAFPID-c7cd12a4-3770-11f1-8422-122e2785dc9f","CSAFPID-c7cd771c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7cdbbaa-3770-11f1-8422-122e2785dc9f","CSAFPID-c7cde7d8-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ce141a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ce402a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ce6776-3770-11f1-8422-122e2785dc9f","CSAFPID-c7ced436-3770-11f1-8422-122e2785dc9f","CSAFPID-c7cf3f20-3770-11f1-8422-122e2785dc9f","CSAFPID-c7cf677a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7cf8fe8-3770-11f1-8422-122e2785dc9f","CSAFPID-c7cfc472-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d02c64-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d05414-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d0ad42-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d0d51a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d0fdf6-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d142ac-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d1788a-3770-11f1-8422-122e2785dc9f"]}},{"title":"HTTP/2 CONTINUATION frames without the END_HEADERS flag set can be sent in a continuous stream by an attacker to an Apache Httpd implementation, which will not properly terminate the request early.","notes":[{"category":"summary","text":"HTTP/2 CONTINUATION frames without the END_HEADERS flag set can be sent in a continuous stream by an attacker to an Apache Httpd implementation, which will not properly terminate the request early."}],"cve":"CVE-2024-27316","ids":[{"system_name":"CERT/CC V Identifier ","text":"VU#421644"}],"references":[{"url":"https://doc.ecoscentric.com/ref/index.html","summary":"eCosPro RTOS does not contain Apache derived Httpd implementation","category":"external"}],"product_status":{"known_affected":["CSAFPID-c7d4d3cc-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d5f64e-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d917b6-3770-11f1-8422-122e2785dc9f"],"known_not_affected":["CSAFPID-c7d207a0-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d24008-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d28202-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d2c6ea-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d30718-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d39d90-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d3d3e6-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d4109a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d439b2-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d463ce-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d49830-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d521b0-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d56a6c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d5a7ac-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d6ac92-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d71d80-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d745c6-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d782de-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d7aca0-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d80416-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d85268-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d8c5fe-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d9703a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7d9cbe8-3770-11f1-8422-122e2785dc9f","CSAFPID-c7da0aea-3770-11f1-8422-122e2785dc9f"]}},{"title":"An attacker can make the Node.","notes":[{"category":"summary","text":"An attacker can make the Node.js HTTP/2 server unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a TCP connection is abruptly closed by the client triggering the Http2Session destructor while header frames are still being processed (and stored in memory) causing a race condition."}],"cve":"CVE-2024-27983","ids":[{"system_name":"CERT/CC V Identifier ","text":"VU#421644"}],"references":[{"url":"https://doc.ecoscentric.com/ref/index.html","summary":"eCosPro RTOS does not contain Nod.js code","category":"external"}],"product_status":{"known_affected":["CSAFPID-c7dd2ae0-3770-11f1-8422-122e2785dc9f","CSAFPID-c7deb5fe-3770-11f1-8422-122e2785dc9f"],"known_not_affected":["CSAFPID-c7daa05e-3770-11f1-8422-122e2785dc9f","CSAFPID-c7dadd80-3770-11f1-8422-122e2785dc9f","CSAFPID-c7dbb0c0-3770-11f1-8422-122e2785dc9f","CSAFPID-c7dc00ac-3770-11f1-8422-122e2785dc9f","CSAFPID-c7dc5b1a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7dca55c-3770-11f1-8422-122e2785dc9f","CSAFPID-c7dced28-3770-11f1-8422-122e2785dc9f","CSAFPID-c7dd8968-3770-11f1-8422-122e2785dc9f","CSAFPID-c7de23dc-3770-11f1-8422-122e2785dc9f","CSAFPID-c7de6716-3770-11f1-8422-122e2785dc9f","CSAFPID-c7df04e6-3770-11f1-8422-122e2785dc9f","CSAFPID-c7df5ba8-3770-11f1-8422-122e2785dc9f","CSAFPID-c7df97c6-3770-11f1-8422-122e2785dc9f","CSAFPID-c7dfe8e8-3770-11f1-8422-122e2785dc9f","CSAFPID-c7e01bb0-3770-11f1-8422-122e2785dc9f","CSAFPID-c7e07c4a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7e0ae9a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7e0e45a-3770-11f1-8422-122e2785dc9f","CSAFPID-c7e12596-3770-11f1-8422-122e2785dc9f","CSAFPID-c7e17c3a-3770-11f1-8422-122e2785dc9f"]}}],"product_tree":{"branches":[{"category":"vendor","name":"Toshiba Corporation","product":{"name":"Toshiba Corporation Products","product_id":"CSAFPID-c7a1e598-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Aruba Networks","product":{"name":"Aruba Networks Products","product_id":"CSAFPID-c7a21fae-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"lighttpd","product":{"name":"lighttpd Products","product_id":"CSAFPID-c7a24f2e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Paessler","product":{"name":"Paessler Products","product_id":"CSAFPID-c7a2b946-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Red Hat","product":{"name":"Red Hat Products","product_id":"CSAFPID-c7a2e740-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LANCOM Systems GmbH","product":{"name":"LANCOM Systems GmbH Products","product_id":"CSAFPID-c7a327e6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LANCOM Systems GmbH","product":{"name":"LANCOM Systems GmbH Products","product_id":"CSAFPID-c7a38dda-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Fastly","product":{"name":"Fastly Products","product_id":"CSAFPID-c7a3d880-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"lighttpd","product":{"name":"lighttpd Products","product_id":"CSAFPID-c7a42bfa-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Muonics Inc.","product":{"name":"Muonics Inc. Products","product_id":"CSAFPID-c7a47aa6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LiteSpeed Technologies","product":{"name":"LiteSpeed Technologies Products","product_id":"CSAFPID-c7a4bade-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Red Hat","product":{"name":"Red Hat Products","product_id":"CSAFPID-c7a51bc8-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"IETF HTTP Working Group","product":{"name":"IETF HTTP Working Group Products","product_id":"CSAFPID-c7a5569c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Go Programming Language","product":{"name":"Go Programming Language Products","product_id":"CSAFPID-c7a5b1b4-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Akamai Technologies Inc.","product":{"name":"Akamai Technologies Inc. Products","product_id":"CSAFPID-c7a61230-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Peplink","product":{"name":"Peplink Products","product_id":"CSAFPID-c7a66a64-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Paessler","product":{"name":"Paessler Products","product_id":"CSAFPID-c7a6a786-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eCosCentric","product":{"name":"eCosCentric Products","product_id":"CSAFPID-c7a6d0ee-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Juniper Networks","product":{"name":"Juniper Networks Products","product_id":"CSAFPID-c7a7104a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Aruba Networks","product":{"name":"Aruba Networks Products","product_id":"CSAFPID-c7a74056-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"SUSE Linux","product":{"name":"SUSE Linux Products","product_id":"CSAFPID-c7a768b0-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Tempesta","product":{"name":"Tempesta Products","product_id":"CSAFPID-c7a79a6a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Toshiba Corporation","product":{"name":"Toshiba Corporation Products","product_id":"CSAFPID-c7a7dcbe-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Synology","product":{"name":"Synology Products","product_id":"CSAFPID-c7a81850-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Microsoft","product":{"name":"Microsoft Products","product_id":"CSAFPID-c7a85572-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eero","product":{"name":"eero Products","product_id":"CSAFPID-c7a87eee-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Eclipse Foundation","product":{"name":"Eclipse Foundation Products","product_id":"CSAFPID-c7a8a914-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"F5 Networks","product":{"name":"F5 Networks Products","product_id":"CSAFPID-c7a8ef14-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wireshark","product":{"name":"Wireshark Products","product_id":"CSAFPID-c7a91d4a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AMPHP","product":{"name":"AMPHP Products","product_id":"CSAFPID-c7a950d0-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cisco","product":{"name":"Cisco Products","product_id":"CSAFPID-c7a9b37c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache Tomcat","product":{"name":"Apache Tomcat Products","product_id":"CSAFPID-c7a9ec2a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache HTTP Server Project","product":{"name":"Apache HTTP Server Project Products","product_id":"CSAFPID-c7aa30a4-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Varnish Software","product":{"name":"Varnish Software Products","product_id":"CSAFPID-c7aa79ba-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AMD","product":{"name":"AMD Products","product_id":"CSAFPID-c7aabb96-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Arista Networks","product":{"name":"Arista Networks Products","product_id":"CSAFPID-c7aaf688-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Softvelum","product":{"name":"Softvelum Products","product_id":"CSAFPID-c7ab6672-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Muonics Inc.","product":{"name":"Muonics Inc. Products","product_id":"CSAFPID-c7ab9e8a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LANCOM Systems GmbH","product":{"name":"LANCOM Systems GmbH Products","product_id":"CSAFPID-c7abd10c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"IETF HTTP Working Group","product":{"name":"IETF HTTP Working Group Products","product_id":"CSAFPID-c7ac00d2-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"lighttpd","product":{"name":"lighttpd Products","product_id":"CSAFPID-c7ac2b20-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LiteSpeed Technologies","product":{"name":"LiteSpeed Technologies Products","product_id":"CSAFPID-c7ac5302-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Rust Security Response WG","product":{"name":"Rust Security Response WG Products","product_id":"CSAFPID-c7ac81d8-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Fastly","product":{"name":"Fastly Products","product_id":"CSAFPID-c7acb9f0-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Go Programming Language","product":{"name":"Go Programming Language Products","product_id":"CSAFPID-c7ace7d6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Akamai Technologies Inc.","product":{"name":"Akamai Technologies Inc. Products","product_id":"CSAFPID-c7ad200c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"netsnmp","product":{"name":"netsnmp Products","product_id":"CSAFPID-c7ad4adc-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Peplink","product":{"name":"Peplink Products","product_id":"CSAFPID-c7ad725a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Paessler","product":{"name":"Paessler Products","product_id":"CSAFPID-c7ad9a50-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Red Hat","product":{"name":"Red Hat Products","product_id":"CSAFPID-c7add8b2-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eCosCentric","product":{"name":"eCosCentric Products","product_id":"CSAFPID-c7adfee6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Juniper Networks","product":{"name":"Juniper Networks Products","product_id":"CSAFPID-c7ae4266-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Aruba Networks","product":{"name":"Aruba Networks Products","product_id":"CSAFPID-c7ae83b6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"SUSE Linux","product":{"name":"SUSE Linux Products","product_id":"CSAFPID-c7aed000-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Tempesta","product":{"name":"Tempesta Products","product_id":"CSAFPID-c7af06e2-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Toshiba Corporation","product":{"name":"Toshiba Corporation Products","product_id":"CSAFPID-c7af2e7e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Synology","product":{"name":"Synology Products","product_id":"CSAFPID-c7af5548-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Microsoft","product":{"name":"Microsoft Products","product_id":"CSAFPID-c7af7e38-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eero","product":{"name":"eero Products","product_id":"CSAFPID-c7afbbbe-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Eclipse Foundation","product":{"name":"Eclipse Foundation Products","product_id":"CSAFPID-c7afe544-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"F5 Networks","product":{"name":"F5 Networks Products","product_id":"CSAFPID-c7b03148-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wireshark","product":{"name":"Wireshark Products","product_id":"CSAFPID-c7b0694c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AMPHP","product":{"name":"AMPHP Products","product_id":"CSAFPID-c7b0a74a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cisco","product":{"name":"Cisco Products","product_id":"CSAFPID-c7b0e0c0-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache Tomcat","product":{"name":"Apache Tomcat Products","product_id":"CSAFPID-c7b11464-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache HTTP Server Project","product":{"name":"Apache HTTP Server Project Products","product_id":"CSAFPID-c7b13e26-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Varnish Software","product":{"name":"Varnish Software Products","product_id":"CSAFPID-c7b19d44-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AMD","product":{"name":"AMD Products","product_id":"CSAFPID-c7b1eb1e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Arista Networks","product":{"name":"Arista Networks Products","product_id":"CSAFPID-c7b245d2-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LANCOM Systems GmbH","product":{"name":"LANCOM Systems GmbH Products","product_id":"CSAFPID-c7b2d48e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Fastly","product":{"name":"Fastly Products","product_id":"CSAFPID-c7b31728-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"lighttpd","product":{"name":"lighttpd Products","product_id":"CSAFPID-c7b35486-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Muonics Inc.","product":{"name":"Muonics Inc. Products","product_id":"CSAFPID-c7b38604-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LiteSpeed Technologies","product":{"name":"LiteSpeed Technologies Products","product_id":"CSAFPID-c7b3ade6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Paessler","product":{"name":"Paessler Products","product_id":"CSAFPID-c7b3d514-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"IETF HTTP Working Group","product":{"name":"IETF HTTP Working Group Products","product_id":"CSAFPID-c7b40bf6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Go Programming Language","product":{"name":"Go Programming Language Products","product_id":"CSAFPID-c7b44b98-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Akamai Technologies Inc.","product":{"name":"Akamai Technologies Inc. Products","product_id":"CSAFPID-c7b4776c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Peplink","product":{"name":"Peplink Products","product_id":"CSAFPID-c7b4af3e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Red Hat","product":{"name":"Red Hat Products","product_id":"CSAFPID-c7b4efda-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eCosCentric","product":{"name":"eCosCentric Products","product_id":"CSAFPID-c7b54264-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Juniper Networks","product":{"name":"Juniper Networks Products","product_id":"CSAFPID-c7b57676-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Aruba Networks","product":{"name":"Aruba Networks Products","product_id":"CSAFPID-c7b5b686-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"SUSE Linux","product":{"name":"SUSE Linux Products","product_id":"CSAFPID-c7b5dfa8-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Tempesta","product":{"name":"Tempesta Products","product_id":"CSAFPID-c7b61130-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Toshiba Corporation","product":{"name":"Toshiba Corporation Products","product_id":"CSAFPID-c7b63958-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Synology","product":{"name":"Synology Products","product_id":"CSAFPID-c7b66fea-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Microsoft","product":{"name":"Microsoft Products","product_id":"CSAFPID-c7b6cac6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eero","product":{"name":"eero Products","product_id":"CSAFPID-c7b6fe06-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Eclipse Foundation","product":{"name":"Eclipse Foundation Products","product_id":"CSAFPID-c7b7485c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"F5 Networks","product":{"name":"F5 Networks Products","product_id":"CSAFPID-c7b7861e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wireshark","product":{"name":"Wireshark Products","product_id":"CSAFPID-c7b7b88c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AMPHP","product":{"name":"AMPHP Products","product_id":"CSAFPID-c7b803dc-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cisco","product":{"name":"Cisco Products","product_id":"CSAFPID-c7b82c72-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache Tomcat","product":{"name":"Apache Tomcat Products","product_id":"CSAFPID-c7b8545e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache HTTP Server Project","product":{"name":"Apache HTTP Server Project Products","product_id":"CSAFPID-c7b89e8c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Varnish Software","product":{"name":"Varnish Software Products","product_id":"CSAFPID-c7b8d7da-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AMD","product":{"name":"AMD Products","product_id":"CSAFPID-c7b912fe-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Arista Networks","product":{"name":"Arista Networks Products","product_id":"CSAFPID-c7b9401c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LANCOM Systems GmbH","product":{"name":"LANCOM Systems GmbH Products","product_id":"CSAFPID-c7b9b86c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Paessler","product":{"name":"Paessler Products","product_id":"CSAFPID-c7b9e77e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Fastly","product":{"name":"Fastly Products","product_id":"CSAFPID-c7ba222a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"lighttpd","product":{"name":"lighttpd Products","product_id":"CSAFPID-c7ba5c68-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Muonics Inc.","product":{"name":"Muonics Inc. Products","product_id":"CSAFPID-c7ba8e0e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Aruba Networks","product":{"name":"Aruba Networks Products","product_id":"CSAFPID-c7bab6a4-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LiteSpeed Technologies","product":{"name":"LiteSpeed Technologies Products","product_id":"CSAFPID-c7baec3c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Akamai Technologies Inc.","product":{"name":"Akamai Technologies Inc. Products","product_id":"CSAFPID-c7bb164e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"IETF HTTP Working Group","product":{"name":"IETF HTTP Working Group Products","product_id":"CSAFPID-c7bb3e44-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Go Programming Language","product":{"name":"Go Programming Language Products","product_id":"CSAFPID-c7bb657c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Red Hat","product":{"name":"Red Hat Products","product_id":"CSAFPID-c7bb8e9e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eCosCentric","product":{"name":"eCosCentric Products","product_id":"CSAFPID-c7bbc1b6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Juniper Networks","product":{"name":"Juniper Networks Products","product_id":"CSAFPID-c7bbf550-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"SUSE Linux","product":{"name":"SUSE Linux Products","product_id":"CSAFPID-c7bc2ffc-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Toshiba Corporation","product":{"name":"Toshiba Corporation Products","product_id":"CSAFPID-c7bc57e8-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Synology","product":{"name":"Synology Products","product_id":"CSAFPID-c7bc845c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Microsoft","product":{"name":"Microsoft Products","product_id":"CSAFPID-c7bcbf12-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eero","product":{"name":"eero Products","product_id":"CSAFPID-c7bd059e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Eclipse Foundation","product":{"name":"Eclipse Foundation Products","product_id":"CSAFPID-c7bd3c9e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"F5 Networks","product":{"name":"F5 Networks Products","product_id":"CSAFPID-c7bd6782-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wireshark","product":{"name":"Wireshark Products","product_id":"CSAFPID-c7bd9720-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AMPHP","product":{"name":"AMPHP Products","product_id":"CSAFPID-c7bdc61e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cisco","product":{"name":"Cisco Products","product_id":"CSAFPID-c7bdf92c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache Tomcat","product":{"name":"Apache Tomcat Products","product_id":"CSAFPID-c7be2276-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache HTTP Server Project","product":{"name":"Apache HTTP Server Project Products","product_id":"CSAFPID-c7be49cc-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Varnish Software","product":{"name":"Varnish Software Products","product_id":"CSAFPID-c7be7e24-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AMD","product":{"name":"AMD Products","product_id":"CSAFPID-c7beae3a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Arista Networks","product":{"name":"Arista Networks Products","product_id":"CSAFPID-c7bee026-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LANCOM Systems GmbH","product":{"name":"LANCOM Systems GmbH Products","product_id":"CSAFPID-c7bf5b46-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Fastly","product":{"name":"Fastly Products","product_id":"CSAFPID-c7bf888c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"lighttpd","product":{"name":"lighttpd Products","product_id":"CSAFPID-c7bfcf2c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Muonics Inc.","product":{"name":"Muonics Inc. Products","product_id":"CSAFPID-c7c01f90-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Aruba Networks","product":{"name":"Aruba Networks Products","product_id":"CSAFPID-c7c06a4a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LiteSpeed Technologies","product":{"name":"LiteSpeed Technologies Products","product_id":"CSAFPID-c7c0d20a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Go Programming Language","product":{"name":"Go Programming Language Products","product_id":"CSAFPID-c7c17336-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"IETF HTTP Working Group","product":{"name":"IETF HTTP Working Group Products","product_id":"CSAFPID-c7c1b76a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Akamai Technologies Inc.","product":{"name":"Akamai Technologies Inc. Products","product_id":"CSAFPID-c7c1fa86-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Paessler","product":{"name":"Paessler Products","product_id":"CSAFPID-c7c23bcc-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Red Hat","product":{"name":"Red Hat Products","product_id":"CSAFPID-c7c27f7e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eCosCentric","product":{"name":"eCosCentric Products","product_id":"CSAFPID-c7c2a9e0-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Juniper Networks","product":{"name":"Juniper Networks Products","product_id":"CSAFPID-c7c2d30c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"SUSE Linux","product":{"name":"SUSE Linux Products","product_id":"CSAFPID-c7c30eda-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Tempesta","product":{"name":"Tempesta Products","product_id":"CSAFPID-c7c337ca-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Toshiba Corporation","product":{"name":"Toshiba Corporation Products","product_id":"CSAFPID-c7c3611e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Synology","product":{"name":"Synology Products","product_id":"CSAFPID-c7c39648-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Microsoft","product":{"name":"Microsoft Products","product_id":"CSAFPID-c7c3c0dc-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eero","product":{"name":"eero Products","product_id":"CSAFPID-c7c3f638-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Eclipse Foundation","product":{"name":"Eclipse Foundation Products","product_id":"CSAFPID-c7c42aae-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"F5 Networks","product":{"name":"F5 Networks Products","product_id":"CSAFPID-c7c475f4-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wireshark","product":{"name":"Wireshark Products","product_id":"CSAFPID-c7c4a704-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AMPHP","product":{"name":"AMPHP Products","product_id":"CSAFPID-c7c4df44-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cisco","product":{"name":"Cisco Products","product_id":"CSAFPID-c7c516f8-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache Tomcat","product":{"name":"Apache Tomcat Products","product_id":"CSAFPID-c7c53ef8-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache HTTP Server Project","product":{"name":"Apache HTTP Server Project Products","product_id":"CSAFPID-c7c575b2-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Varnish Software","product":{"name":"Varnish Software Products","product_id":"CSAFPID-c7c5ad2a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AMD","product":{"name":"AMD Products","product_id":"CSAFPID-c7c5e560-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Arista Networks","product":{"name":"Arista Networks Products","product_id":"CSAFPID-c7c61ed6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LANCOM Systems GmbH","product":{"name":"LANCOM Systems GmbH Products","product_id":"CSAFPID-c7c6a130-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Paessler","product":{"name":"Paessler Products","product_id":"CSAFPID-c7c6d47a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Fastly","product":{"name":"Fastly Products","product_id":"CSAFPID-c7c71020-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Synology","product":{"name":"Synology Products","product_id":"CSAFPID-c7c7634a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"lighttpd","product":{"name":"lighttpd Products","product_id":"CSAFPID-c7c79b62-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Muonics Inc.","product":{"name":"Muonics Inc. Products","product_id":"CSAFPID-c7c7f74c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Eclipse Foundation","product":{"name":"Eclipse Foundation Products","product_id":"CSAFPID-c7c82d20-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Aruba Networks","product":{"name":"Aruba Networks Products","product_id":"CSAFPID-c7c85da4-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LiteSpeed Technologies","product":{"name":"LiteSpeed Technologies Products","product_id":"CSAFPID-c7c88a86-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Red Hat","product":{"name":"Red Hat Products","product_id":"CSAFPID-c7c8b290-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Akamai Technologies Inc.","product":{"name":"Akamai Technologies Inc. Products","product_id":"CSAFPID-c7c8e562-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"IETF HTTP Working Group","product":{"name":"IETF HTTP Working Group Products","product_id":"CSAFPID-c7c919f6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eCosCentric","product":{"name":"eCosCentric Products","product_id":"CSAFPID-c7c9694c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Juniper Networks","product":{"name":"Juniper Networks Products","product_id":"CSAFPID-c7c9b6b8-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Toshiba Corporation","product":{"name":"Toshiba Corporation Products","product_id":"CSAFPID-c7c9feac-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Microsoft","product":{"name":"Microsoft Products","product_id":"CSAFPID-c7ca40ba-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eero","product":{"name":"eero Products","product_id":"CSAFPID-c7ca6e00-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wireshark","product":{"name":"Wireshark Products","product_id":"CSAFPID-c7ca9cd6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AMPHP","product":{"name":"AMPHP Products","product_id":"CSAFPID-c7cae150-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cisco","product":{"name":"Cisco Products","product_id":"CSAFPID-c7cb24c6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache Tomcat","product":{"name":"Apache Tomcat Products","product_id":"CSAFPID-c7cb5496-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache HTTP Server Project","product":{"name":"Apache HTTP Server Project Products","product_id":"CSAFPID-c7cb8be6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Varnish Software","product":{"name":"Varnish Software Products","product_id":"CSAFPID-c7cbc80e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AMD","product":{"name":"AMD Products","product_id":"CSAFPID-c7cc0cce-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Arista Networks","product":{"name":"Arista Networks Products","product_id":"CSAFPID-c7cc6476-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LANCOM Systems GmbH","product":{"name":"LANCOM Systems GmbH Products","product_id":"CSAFPID-c7ccd488-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Paessler","product":{"name":"Paessler Products","product_id":"CSAFPID-c7cd12a4-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Fastly","product":{"name":"Fastly Products","product_id":"CSAFPID-c7cd44a4-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Synology","product":{"name":"Synology Products","product_id":"CSAFPID-c7cd771c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"lighttpd","product":{"name":"lighttpd Products","product_id":"CSAFPID-c7cdbbaa-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Muonics Inc.","product":{"name":"Muonics Inc. Products","product_id":"CSAFPID-c7cde7d8-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Eclipse Foundation","product":{"name":"Eclipse Foundation Products","product_id":"CSAFPID-c7ce141a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Aruba Networks","product":{"name":"Aruba Networks Products","product_id":"CSAFPID-c7ce402a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LiteSpeed Technologies","product":{"name":"LiteSpeed Technologies Products","product_id":"CSAFPID-c7ce6776-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Red Hat","product":{"name":"Red Hat Products","product_id":"CSAFPID-c7ce9a70-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Akamai Technologies Inc.","product":{"name":"Akamai Technologies Inc. Products","product_id":"CSAFPID-c7ced436-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"IETF HTTP Working Group","product":{"name":"IETF HTTP Working Group Products","product_id":"CSAFPID-c7cf12e8-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eCosCentric","product":{"name":"eCosCentric Products","product_id":"CSAFPID-c7cf3f20-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Juniper Networks","product":{"name":"Juniper Networks Products","product_id":"CSAFPID-c7cf677a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Toshiba Corporation","product":{"name":"Toshiba Corporation Products","product_id":"CSAFPID-c7cf8fe8-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Microsoft","product":{"name":"Microsoft Products","product_id":"CSAFPID-c7cfc472-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eero","product":{"name":"eero Products","product_id":"CSAFPID-c7cff852-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wireshark","product":{"name":"Wireshark Products","product_id":"CSAFPID-c7d02c64-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AMPHP","product":{"name":"AMPHP Products","product_id":"CSAFPID-c7d05414-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cisco","product":{"name":"Cisco Products","product_id":"CSAFPID-c7d07c1e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache Tomcat","product":{"name":"Apache Tomcat Products","product_id":"CSAFPID-c7d0ad42-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache HTTP Server Project","product":{"name":"Apache HTTP Server Project Products","product_id":"CSAFPID-c7d0d51a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Varnish Software","product":{"name":"Varnish Software Products","product_id":"CSAFPID-c7d0fdf6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AMD","product":{"name":"AMD Products","product_id":"CSAFPID-c7d142ac-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Arista Networks","product":{"name":"Arista Networks Products","product_id":"CSAFPID-c7d1788a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LANCOM Systems GmbH","product":{"name":"LANCOM Systems GmbH Products","product_id":"CSAFPID-c7d207a0-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"lighttpd","product":{"name":"lighttpd Products","product_id":"CSAFPID-c7d24008-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Muonics Inc.","product":{"name":"Muonics Inc. Products","product_id":"CSAFPID-c7d28202-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LiteSpeed Technologies","product":{"name":"LiteSpeed Technologies Products","product_id":"CSAFPID-c7d2c6ea-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Fastly","product":{"name":"Fastly Products","product_id":"CSAFPID-c7d30718-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"IETF HTTP Working Group","product":{"name":"IETF HTTP Working Group Products","product_id":"CSAFPID-c7d36488-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Softvelum","product":{"name":"Softvelum Products","product_id":"CSAFPID-c7d39d90-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Go Programming Language","product":{"name":"Go Programming Language Products","product_id":"CSAFPID-c7d3d3e6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Akamai Technologies Inc.","product":{"name":"Akamai Technologies Inc. Products","product_id":"CSAFPID-c7d4109a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"netsnmp","product":{"name":"netsnmp Products","product_id":"CSAFPID-c7d439b2-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Peplink","product":{"name":"Peplink Products","product_id":"CSAFPID-c7d463ce-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Paessler","product":{"name":"Paessler Products","product_id":"CSAFPID-c7d49830-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Red Hat","product":{"name":"Red Hat Products","product_id":"CSAFPID-c7d4d3cc-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eCosCentric","product":{"name":"eCosCentric Products","product_id":"CSAFPID-c7d521b0-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Juniper Networks","product":{"name":"Juniper Networks Products","product_id":"CSAFPID-c7d56a6c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Aruba Networks","product":{"name":"Aruba Networks Products","product_id":"CSAFPID-c7d5a7ac-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"SUSE Linux","product":{"name":"SUSE Linux Products","product_id":"CSAFPID-c7d5f64e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Tempesta","product":{"name":"Tempesta Products","product_id":"CSAFPID-c7d6559e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Toshiba Corporation","product":{"name":"Toshiba Corporation Products","product_id":"CSAFPID-c7d6ac92-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Synology","product":{"name":"Synology Products","product_id":"CSAFPID-c7d6d992-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Microsoft","product":{"name":"Microsoft Products","product_id":"CSAFPID-c7d71d80-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eero","product":{"name":"eero Products","product_id":"CSAFPID-c7d745c6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Eclipse Foundation","product":{"name":"Eclipse Foundation Products","product_id":"CSAFPID-c7d782de-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"F5 Networks","product":{"name":"F5 Networks Products","product_id":"CSAFPID-c7d7aca0-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wireshark","product":{"name":"Wireshark Products","product_id":"CSAFPID-c7d80416-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AMPHP","product":{"name":"AMPHP Products","product_id":"CSAFPID-c7d85268-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cisco","product":{"name":"Cisco Products","product_id":"CSAFPID-c7d888fa-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache Tomcat","product":{"name":"Apache Tomcat Products","product_id":"CSAFPID-c7d8c5fe-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache HTTP Server Project","product":{"name":"Apache HTTP Server Project Products","product_id":"CSAFPID-c7d917b6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Varnish Software","product":{"name":"Varnish Software Products","product_id":"CSAFPID-c7d9703a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AMD","product":{"name":"AMD Products","product_id":"CSAFPID-c7d9cbe8-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Arista Networks","product":{"name":"Arista Networks Products","product_id":"CSAFPID-c7da0aea-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LANCOM Systems GmbH","product":{"name":"LANCOM Systems GmbH Products","product_id":"CSAFPID-c7daa05e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Paessler","product":{"name":"Paessler Products","product_id":"CSAFPID-c7dadd80-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Fastly","product":{"name":"Fastly Products","product_id":"CSAFPID-c7db216e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Synology","product":{"name":"Synology Products","product_id":"CSAFPID-c7db734e-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"lighttpd","product":{"name":"lighttpd Products","product_id":"CSAFPID-c7dbb0c0-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Muonics Inc.","product":{"name":"Muonics Inc. Products","product_id":"CSAFPID-c7dc00ac-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Eclipse Foundation","product":{"name":"Eclipse Foundation Products","product_id":"CSAFPID-c7dc5b1a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Aruba Networks","product":{"name":"Aruba Networks Products","product_id":"CSAFPID-c7dca55c-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LiteSpeed Technologies","product":{"name":"LiteSpeed Technologies Products","product_id":"CSAFPID-c7dced28-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Red Hat","product":{"name":"Red Hat Products","product_id":"CSAFPID-c7dd2ae0-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Akamai Technologies Inc.","product":{"name":"Akamai Technologies Inc. Products","product_id":"CSAFPID-c7dd8968-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"IETF HTTP Working Group","product":{"name":"IETF HTTP Working Group Products","product_id":"CSAFPID-c7ddde22-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eCosCentric","product":{"name":"eCosCentric Products","product_id":"CSAFPID-c7de23dc-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Juniper Networks","product":{"name":"Juniper Networks Products","product_id":"CSAFPID-c7de6716-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"SUSE Linux","product":{"name":"SUSE Linux Products","product_id":"CSAFPID-c7deb5fe-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Toshiba Corporation","product":{"name":"Toshiba Corporation Products","product_id":"CSAFPID-c7df04e6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Microsoft","product":{"name":"Microsoft Products","product_id":"CSAFPID-c7df5ba8-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eero","product":{"name":"eero Products","product_id":"CSAFPID-c7df97c6-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wireshark","product":{"name":"Wireshark Products","product_id":"CSAFPID-c7dfe8e8-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AMPHP","product":{"name":"AMPHP Products","product_id":"CSAFPID-c7e01bb0-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cisco","product":{"name":"Cisco Products","product_id":"CSAFPID-c7e05152-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache Tomcat","product":{"name":"Apache Tomcat Products","product_id":"CSAFPID-c7e07c4a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache HTTP Server Project","product":{"name":"Apache HTTP Server Project Products","product_id":"CSAFPID-c7e0ae9a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Varnish Software","product":{"name":"Varnish Software Products","product_id":"CSAFPID-c7e0e45a-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AMD","product":{"name":"AMD Products","product_id":"CSAFPID-c7e12596-3770-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Arista Networks","product":{"name":"Arista Networks Products","product_id":"CSAFPID-c7e17c3a-3770-11f1-8422-122e2785dc9f"}}]}}