CVE-2020-13358 - Vulnerability Details

Vendors	Products
Gitlab	Gitlab

Link	Providers
https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13358.json
https://gitlab.com/gitlab-org/gitlab/-/issues/241674

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "Gitlab CE/EE", "vendor": "GitLab", "versions": [{"status": "affected", "version": ">=13.4"}, {"status": "affected", "version": "<13.4.5"}, {"status": "affected", "version": ">=13.3"}, {"status": "affected", "version": "<13.3.9"}, {"status": "affected", "version": ">=13.5"}, {"status": "affected", "version": "<13.5.2"}]}], "credits": [{"lang": "en", "value": "This vulnerability has been discovered internally by the GitLab team"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the internal Kubernetes agent api in GitLab CE/EE version 13.3 and above allows unauthorized access to private projects. Affected versions are: >=13.4, <13.4.5,>=13.3, <13.3.9,>=13.5, <13.5.2."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "Improper authorization in GitLab", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-11-17T00:20:25", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/241674"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13358.json"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@gitlab.com", "ID": "CVE-2020-13358", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Gitlab CE/EE", "version": {"version_data": [{"version_value": ">=13.4"}, {"version_value": "<13.4.5"}, {"version_value": ">=13.3"}, {"version_value": "<13.3.9"}, {"version_value": ">=13.5"}, {"version_value": "<13.5.2"}]}}]}, "vendor_name": "GitLab"}]}}, "credit": [{"lang": "eng", "value": "This vulnerability has been discovered internally by the GitLab team"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the internal Kubernetes agent api in GitLab CE/EE version 13.3 and above allows unauthorized access to private projects. Affected versions are: >=13.4, <13.4.5,>=13.3, <13.3.9,>=13.5, <13.5.2."}]}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper authorization in GitLab"}]}]}, "references": {"reference_data": [{"name": "https://gitlab.com/gitlab-org/gitlab/-/issues/241674", "refsource": "MISC", "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/241674"}, {"name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13358.json", "refsource": "CONFIRM", "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13358.json"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T12:18:17.461Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/241674"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13358.json"}]}]}, "cveMetadata": {"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2020-13358", "datePublished": "2020-11-17T00:20:25", "dateReserved": "2020-05-21T00:00:00", "dateUpdated": "2024-08-04T12:18:17.461Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : Gitlab CE/EE (string)

vendor : GitLab (string)

versions : [ »

0 : { »

status : affected (string)

version : >=13.4 (string)

}

1 : { »

status : affected (string)

version : <13.4.5 (string)

}

2 : { »

status : affected (string)

version : >=13.3 (string)

}

3 : { »

status : affected (string)

version : <13.3.9 (string)

}

4 : { »

status : affected (string)

version : >=13.5 (string)

}

5 : { »

status : affected (string)

version : <13.5.2 (string)

}

]

}

]

credits : [ »

0 : { »

lang : en (string)

value : This vulnerability has been discovered internally by the GitLab team (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability in the internal Kubernetes agent api in GitLab CE/EE version 13.3 and above allows unauthorized access to private projects. Affected versions are: >=13.4, <13.4.5,>=13.3, <13.3.9,>=13.5, <13.5.2. (string)

}

]

metrics : [ »

0 : { »

cvssV3_1 : { »

attackComplexity : HIGH (string)

attackVector : LOCAL (string)

availabilityImpact : NONE (string)

baseScore : 4.7 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N (string)

version : 3.1 (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Improper authorization in GitLab (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2020-11-17T00:20:25 (string)

orgId : ceab7361-8a18-47b1-92ba-4d7d25f6715a (string)

shortName : GitLab (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://gitlab.com/gitlab-org/gitlab/-/issues/241674 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13358.json (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@gitlab.com (string)

ID : CVE-2020-13358 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : Gitlab CE/EE (string)

version : { »

version_data : [ »

0 : { »

version_value : >=13.4 (string)

}

1 : { »

version_value : <13.4.5 (string)

}

2 : { »

version_value : >=13.3 (string)

}

3 : { »

version_value : <13.3.9 (string)

}

4 : { »

version_value : >=13.5 (string)

}

5 : { »

version_value : <13.5.2 (string)

}

]

}

]

}

vendor_name : GitLab (string)

}

]

}

credit : [ »

0 : { »

lang : eng (string)

value : This vulnerability has been discovered internally by the GitLab team (string)

}

]

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : A vulnerability in the internal Kubernetes agent api in GitLab CE/EE version 13.3 and above allows unauthorized access to private projects. Affected versions are: >=13.4, <13.4.5,>=13.3, <13.3.9,>=13.5, <13.5.2. (string)

}

]

}

impact : { »

cvss : { »

attackComplexity : HIGH (string)

attackVector : LOCAL (string)

availabilityImpact : NONE (string)

baseScore : 4.6 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N (string)

version : 3.1 (string)

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Improper authorization in GitLab (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://gitlab.com/gitlab-org/gitlab/-/issues/241674 (string)

refsource : MISC (string)

url : https://gitlab.com/gitlab-org/gitlab/-/issues/241674 (string)

}

1 : { »

name : https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13358.json (string)

refsource : CONFIRM (string)

url : https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13358.json (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T12:18:17.461Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://gitlab.com/gitlab-org/gitlab/-/issues/241674 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13358.json (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : ceab7361-8a18-47b1-92ba-4d7d25f6715a (string)

assignerShortName : GitLab (string)

cveId : CVE-2020-13358 (string)

datePublished : 2020-11-17T00:20:25 (string)

dateReserved : 2020-05-21T00:00:00 (string)

dateUpdated : 2024-08-04T12:18:17.461Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "matchCriteriaId": "526A67DD-AC5B-41B1-9D93-8068178879D9", "versionEndExcluding": "13.3.9", "versionStartIncluding": "13.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "21266050-8461-4C9D-A737-2F2FBAAA2E2B", "versionEndIncluding": "13.3.9", "versionStartIncluding": "13.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "matchCriteriaId": "C7D38168-5E74-4B9C-B0DA-9757D19DA5D5", "versionEndExcluding": "13.4.5", "versionStartIncluding": "13.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "E04A3096-9883-4120-ADE4-8CEBE811E242", "versionEndExcluding": "13.4.5", "versionStartIncluding": "13.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "matchCriteriaId": "46B55443-7215-4998-A3D7-6B1014513756", "versionEndExcluding": "13.5.2", "versionStartIncluding": "13.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "59FA227C-599B-4636-8FD9-71A60D0C8ABC", "versionEndExcluding": "13.5.2", "versionStartIncluding": "13.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the internal Kubernetes agent api in GitLab CE/EE version 13.3 and above allows unauthorized access to private projects. Affected versions are: >=13.4, <13.4.5,>=13.3, <13.3.9,>=13.5, <13.5.2."}, {"lang": "es", "value": "Una vulnerabilidad en la api del agente Kubernetes interno en GitLab CE/EE versiones 13.3 y por debajo, permite el acceso no autorizado a proyectos privados. Las versiones afectadas son: versiones posteriores a 13.4 e incluy\u00e9ndola, versiones anteriores a 13.4.5, versiones posteriores a 13.3 e incluy\u00e9ndola, versiones anteriores a 13.3.9, versiones posteriores a 13.5 e incluy\u00e9ndola, versiones anteriores a 13.5.2"}], "id": "CVE-2020-13358", "lastModified": "2024-11-21T05:01:06.610", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 3.6, "source": "cve@gitlab.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-17T01:15:13.497", "references": [{"source": "cve@gitlab.com", "tags": ["Vendor Advisory"], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13358.json"}, {"source": "cve@gitlab.com", "tags": ["Broken Link"], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/241674"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13358.json"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/241674"}], "sourceIdentifier": "cve@gitlab.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* (string)

matchCriteriaId : 526A67DD-AC5B-41B1-9D93-8068178879D9 (string)

versionEndExcluding : 13.3.9 (string)

versionStartIncluding : 13.3.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* (string)

matchCriteriaId : 21266050-8461-4C9D-A737-2F2FBAAA2E2B (string)

versionEndIncluding : 13.3.9 (string)

versionStartIncluding : 13.3.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* (string)

matchCriteriaId : C7D38168-5E74-4B9C-B0DA-9757D19DA5D5 (string)

versionEndExcluding : 13.4.5 (string)

versionStartIncluding : 13.4.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* (string)

matchCriteriaId : E04A3096-9883-4120-ADE4-8CEBE811E242 (string)

versionEndExcluding : 13.4.5 (string)

versionStartIncluding : 13.4.0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* (string)

matchCriteriaId : 46B55443-7215-4998-A3D7-6B1014513756 (string)

versionEndExcluding : 13.5.2 (string)

versionStartIncluding : 13.5.0 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* (string)

matchCriteriaId : 59FA227C-599B-4636-8FD9-71A60D0C8ABC (string)

versionEndExcluding : 13.5.2 (string)

versionStartIncluding : 13.5.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability in the internal Kubernetes agent api in GitLab CE/EE version 13.3 and above allows unauthorized access to private projects. Affected versions are: >=13.4, <13.4.5,>=13.3, <13.3.9,>=13.5, <13.5.2. (string)

}

1 : { »

lang : es (string)

value : Una vulnerabilidad en la api del agente Kubernetes interno en GitLab CE/EE versiones 13.3 y por debajo, permite el acceso no autorizado a proyectos privados. Las versiones afectadas son: versiones posteriores a 13.4 e incluyéndola, versiones anteriores a 13.4.5, versiones posteriores a 13.3 e incluyéndola, versiones anteriores a 13.3.9, versiones posteriores a 13.5 e incluyéndola, versiones anteriores a 13.5.2 (string)

}

]

id : CVE-2020-13358 (string)

lastModified : 2024-11-21T05:01:06.610 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : LOW (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : LOCAL (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 2.1 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : NONE (string)

vectorString : AV:L/AC:L/Au:N/C:P/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : HIGH (string)

attackVector : LOCAL (string)

availabilityImpact : NONE (string)

baseScore : 4.7 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 1 (number)

impactScore : 3.6 (number)

source : cve@gitlab.com (string)

type : Secondary (string)

}

1 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : NONE (string)

baseScore : 5.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2020-11-17T01:15:13.497 (string)

references : [ »

0 : { »

source : cve@gitlab.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13358.json (string)

}

1 : { »

source : cve@gitlab.com (string)

tags : [ »

0 : Broken Link (string)

]

url : https://gitlab.com/gitlab-org/gitlab/-/issues/241674 (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13358.json (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : https://gitlab.com/gitlab-org/gitlab/-/issues/241674 (string)

}

]

sourceIdentifier : cve@gitlab.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-noinfo (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object