{"id":"CVE-2026-43408","summary":"ceph: add a bunch of missing ceph_path_info initializers","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nceph: add a bunch of missing ceph_path_info initializers\n\nceph_mdsc_build_path() must be called with a zero-initialized\nceph_path_info parameter, or else the following\nceph_mdsc_free_path_info() may crash.\n\nExample crash (on Linux 6.18.12):\n\n  virt_to_cache: Object is not a Slab page!\n  WARNING: CPU: 184 PID: 2871736 at mm/slub.c:6732 kmem_cache_free+0x316/0x400\n  [...]\n  Call Trace:\n   [...]\n   ceph_open+0x13d/0x3e0\n   do_dentry_open+0x134/0x480\n   vfs_open+0x2a/0xe0\n   path_openat+0x9a3/0x1160\n  [...]\n  cache_from_obj: Wrong slab cache. names_cache but object is from ceph_inode_info\n  WARNING: CPU: 184 PID: 2871736 at mm/slub.c:6746 kmem_cache_free+0x2dd/0x400\n  [...]\n  kernel BUG at mm/slub.c:634!\n  Oops: invalid opcode: 0000 [#1] SMP NOPTI\n  RIP: 0010:__slab_free+0x1a4/0x350\n\nSome of the ceph_mdsc_build_path() callers had initializers, but\nothers had not, even though they were all added by commit 15f519e9f883\n(\"ceph: fix race condition validating r_parent before applying state\").\nThe ones without initializer are suspectible to random crashes.  (I can\nimagine it could even be possible to exploit this bug to elevate\nprivileges.)\n\nUnfortunately, these Ceph functions are undocumented and its semantics\ncan only be derived from the code.  I see that ceph_mdsc_build_path()\ninitializes the structure only on success, but not on error.\n\nCalling ceph_mdsc_free_path_info() after a failed\nceph_mdsc_build_path() call does not even make sense, but that's what\nall callers do, and for it to be safe, the structure must be\nzero-initialized.  The least intrusive approach to fix this is\ntherefore to add initializers everywhere.","modified":"2026-05-23T03:57:33.904646211Z","published":"2026-05-08T14:21:47.579Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43408.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/43323a5934b660afae687e8e4e95ac328615a5c4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/453df1f4535842bf17ff1885a225e153d7ee3374"},{"type":"WEB","url":"https://git.kernel.org/stable/c/644b47f0574fd82aeb9d00317eca8d1f2a525c8c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8be8911f590813e6f90bc6407ced1b23e50bc5da"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43408.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43408"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"db378e6f83ec705c6091c65d482d555edc2b0a72"},{"fixed":"644b47f0574fd82aeb9d00317eca8d1f2a525c8c"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"15f519e9f883b316d86e2bb6b767a023aafd9d83"},{"fixed":"8be8911f590813e6f90bc6407ced1b23e50bc5da"},{"fixed":"453df1f4535842bf17ff1885a225e153d7ee3374"},{"fixed":"43323a5934b660afae687e8e4e95ac328615a5c4"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"2bfe45987eb346e299d9f763f9cd05f77011519f"}]}],"versions":["v6.12.77","v6.12.76","v6.12.75","v6.12.74","v6.12.73","v6.12.72","v6.12.71","v6.12.70","v6.12.69","v6.12.68","v6.12.67","v6.12.66","v6.12.65","v6.12.64","v6.12.63","v6.12.62","v6.12.61","v6.12.60","v6.12.59","v6.12.58","v6.12.57","v6.12.56","v6.12.55","v6.12.54","v6.12.53","v6.12.52","v6.12.51","v6.12.50","v6.12.49","v6.12.48","v6.16","v6.16.7","v6.16.6","v6.16.5","v6.16.4","v6.16.3","v6.16.2","v6.16.1","v6.16-rc6","v6.16-rc1","v6.16-rc4","v6.16-rc2","v6.16-rc5","v6.16-rc7","v6.16-rc3","v6.14-rc3","v6.15","v6.15-rc1","v6.15-rc6","v6.15-rc3","v6.15-rc2","v6.15-rc7","v6.15-rc4","v6.15-rc5","v6.14","v6.14-rc1","v6.14-rc7","v6.14-rc6","v6.14-rc4","v6.14-rc5","v6.14-rc2","v6.13","v6.13-rc1","v6.13-rc6","v6.13-rc7","v6.13-rc2","v6.13-rc5","v6.13-rc3","v6.12-rc1","v6.13-rc4","v6.12","v6.12-rc7","v6.12-rc3","v6.12-rc4","v6.12-rc6","v6.12-rc5","v6.12-rc2","v6.11-rc1","v6.11-rc5","v6.11","v6.11-rc7","v6.10-rc1","v6.11-rc6","v6.11-rc3","v6.11-rc4","v6.11-rc2","v6.10","v6.10-rc6","v6.10-rc7","v6.10-rc3","v6.9-rc1","v6.10-rc5","v6.10-rc2","v6.10-rc4","v6.9","v6.9-rc6","v6.9-rc7","v6.9-rc5","v6.9-rc3","v6.9-rc2","v6.8","v6.9-rc4","v6.8-rc1","v6.7-rc1","v6.8-rc7","v6.8-rc6","v6.8-rc5","v6.8-rc4","v6.8-rc3","v6.8-rc2","v6.7","v6.7-rc3","v6.7-rc8","v6.7-rc7","v6.7-rc6","v6.7-rc2","v6.7-rc4","v6.7-rc5","v6.6","v6.6-rc1","v6.6-rc5","v6.6-rc3","v6.6-rc7","v6.6-rc6","v6.6-rc4","v6.6-rc2","v6.5","v6.5-rc1","v6.5-rc2","v6.5-rc7","v6.5-rc4","v6.5-rc3","v6.5-rc6","v6.5-rc5","v6.4","v6.4-rc7","v6.4-rc1","v6.4-rc6","v6.4-rc5","v6.4-rc3","v6.4-rc4","v6.4-rc2","v6.3","v6.3-rc1","v6.3-rc7","v6.3-rc2","v6.3-rc3","v6.3-rc5","v6.3-rc6","v6.3-rc4","v6.2-rc6","v6.2-rc1","v6.2","v6.2-rc2","v6.2-rc8","v6.2-rc5","v6.2-rc4","v6.2-rc7","v6.2-rc3","v6.1-rc1","v6.1","v6.1-rc8","v6.1-rc3","v6.1-rc6","v6.1-rc7","v6.1-rc4","v6.1-rc2","v6.1-rc5","v6.0-rc1","v6.0","v6.0-rc7","v6.0-rc3","v6.0-rc2","v6.0-rc6","v6.0-rc4","v6.0-rc5","v5.19","v5.19-rc1","v5.19-rc5","v5.19-rc8","v5.19-rc6","v5.18","v5.19-rc2","v5.19-rc7","v5.19-rc3","v5.19-rc4","v5.18-rc1","v5.18-rc7","v5.18-rc2","v5.18-rc5","v5.17","v5.18-rc4","v5.18-rc3","v5.18-rc6","v5.17-rc6","v5.17-rc4","v5.17-rc8","v5.17-rc7","v5.17-rc1","v5.17-rc3","v5.17-rc2","v5.17-rc5","v5.16","v5.16-rc1","v5.16-rc8","v5.16-rc5","v5.16-rc6","v5.16-rc7","v5.16-rc3","v5.16-rc2","v5.16-rc4","v5.15","v5.15-rc2","v5.15-rc1","v5.15-rc4","v5.15-rc7","v5.15-rc3","v5.15-rc5","v5.15-rc6","v5.14","v5.14-rc3","v5.14-rc1","v5.14-rc2","v5.14-rc7","v5.14-rc6","v5.13-rc1","v5.14-rc5","v5.14-rc4","v5.13","v5.13-rc6","v5.13-rc7","v5.13-rc3","v5.13-rc2","v5.13-rc4","v5.13-rc5","v5.12","v5.12-rc2","v5.12-rc1-dontuse","v5.12-rc1","v5.12-rc8","v5.12-rc3","v5.12-rc7","v5.12-rc5","v5.12-rc6","v5.12-rc4","v5.10","v5.11","v5.11-rc3","v5.11-rc7","v5.11-rc6","v5.11-rc5","v5.11-rc1","v5.11-rc4","v5.11-rc2","v5.10-rc1","v5.10-rc7","v5.10-rc4","v5.10-rc3","v5.10-rc6","v5.9","v5.10-rc2","v5.10-rc5","v5.9-rc1","v5.9-rc7","v5.9-rc8","v5.9-rc6","v5.9-rc4","v5.9-rc5","v5.9-rc3","v5.9-rc2","v5.8","v5.7","v5.8-rc2","v5.8-rc1","v5.8-rc7","v5.8-rc5","v5.8-rc3","v5.8-rc4","v5.8-rc6","v5.7-rc4","v5.7-rc7","v5.7-rc1","v5.7-rc3","v5.7-rc2","v5.7-rc5","v5.7-rc6","v5.6","v5.6-rc1","v5.6-rc7","v5.6-rc6","v5.6-rc3","v5.6-rc4","v5.6-rc2","v5.6-rc5","v5.5","v5.5-rc5","v5.5-rc7","v5.5-rc2","v5.5-rc1","v5.4","v5.5-rc4","v5.5-rc3","v5.5-rc6","v5.4-rc1","v5.4-rc6","v5.4-rc3","v5.4-rc4","v5.4-rc8","v5.4-rc7","v5.4-rc5","v5.3","v5.4-rc2","v5.3-rc5","v5.3-rc1","v5.3-rc2","v5.3-rc3","v5.3-rc8","v5.3-rc7","v5.3-rc4","v5.2","v5.3-rc6","v5.2-rc2","v5.2-rc7","v5.2-rc4","v5.2-rc1","v5.2-rc5","v5.2-rc6","v5.2-rc3","v5.1","v5.0-rc8","v5.1-rc7","v5.1-rc1","v5.1-rc6","v5.1-rc5","v5.0","v5.1-rc3","v5.1-rc2","v5.1-rc4","v5.0-rc1","v5.0-rc4","v5.0-rc3","v5.0-rc6","v5.0-rc7","v5.0-rc2","v5.0-rc5","v4.20-rc1","v4.19","v4.20","v4.20-rc7","v4.20-rc5","v4.20-rc6","v4.20-rc4","v4.20-rc2","v4.20-rc3","v4.19-rc2","v4.19-rc8","v4.19-rc4","v4.19-rc1","v4.19-rc7","v4.19-rc6","v4.19-rc5","v4.19-rc3","v4.18","v4.18-rc1","v4.18-rc8","v4.18-rc2","v4.18-rc5","v4.18-rc6","v4.18-rc7","v4.17","v4.18-rc3","v4.18-rc4","v4.17-rc1","v4.17-rc2","v4.17-rc7","v4.17-rc3","v4.17-rc4","v4.16","v4.17-rc6","v4.17-rc5","v4.16-rc7","v4.16-rc4","v4.16-rc1","v4.16-rc2","v4.16-rc5","v4.16-rc3","v4.16-rc6","v4.14","v4.15","v4.15-rc1","v4.15-rc4","v4.15-rc9","v4.15-rc8","v4.15-rc7","v4.15-rc3","v4.15-rc2","v4.15-rc5","v4.15-rc6","v4.14-rc1","v4.14-rc7","v4.14-rc3","v4.13","v4.14-rc8","v4.14-rc4","v4.14-rc6","v4.14-rc2","v4.14-rc5","v4.13-rc2","v4.13-rc1","v4.13-rc3","v4.13-rc7","v4.13-rc4","v4.13-rc5","v4.13-rc6","v4.12-rc1","v4.12","v4.12-rc5","v4.12-rc7","v4.12-rc6","v4.12-rc4","v4.12-rc2","v4.12-rc3","v4.11","v4.11-rc1","v4.11-rc6","v4.11-rc8","v4.11-rc7","v4.11-rc3","v4.11-rc5","v4.11-rc2","v4.11-rc4","v4.10","v4.9","v4.10-rc8","v4.10-rc3","v4.10-rc1","v4.10-rc7","v4.10-rc6","v4.10-rc2","v4.10-rc5","v4.10-rc4","v4.9-rc7","v4.9-rc6","v4.9-rc8","v4.9-rc1","v4.9-rc5","v4.9-rc3","v4.9-rc4","v4.9-rc2","v4.8","v4.8-rc8","v4.8-rc2","v4.8-rc1","v4.8-rc7","v4.8-rc6","v4.8-rc5","v4.8-rc4","v4.8-rc3","v4.7","v4.7-rc4","v4.7-rc2","v4.7-rc1","v4.7-rc7","v4.7-rc6","v4.7-rc3","v4.7-rc5","v4.6","v4.6-rc1","v4.6-rc6","v4.6-rc4","v4.6-rc7","v4.6-rc5","v4.5-rc4","v4.6-rc2","v4.6-rc3","v4.5","v4.4","v4.5-rc1","v4.5-rc6","v4.5-rc2","v4.5-rc7","v4.5-rc5","v4.5-rc3","v4.4-rc1","v4.4-rc2","v4.4-rc8","v4.4-rc3","v4.4-rc7","v4.4-rc5","v4.4-rc6","v4.4-rc4","v4.3","v4.3-rc1","v4.3-rc6","v4.3-rc4","v4.3-rc2","v4.3-rc7","v4.3-rc5","v4.3-rc3","v4.2","v4.2-rc2","v4.2-rc1","v4.2-rc8","v4.2-rc4","v4.2-rc6","v4.2-rc7","v4.0-rc5","v4.2-rc5","v4.2-rc3","v4.1-rc2","v4.1","v4.1-rc1","v4.1-rc8","v4.1-rc7","v4.1-rc6","v4.1-rc3","v4.1-rc4","v4.0","v4.1-rc5","v4.0-rc1","v4.0-rc2","v4.0-rc7","v4.0-rc3","v4.0-rc6","v4.0-rc4","v3.19","v3.19-rc7","v3.19-rc5","v3.19-rc1","v3.19-rc6","v3.19-rc4","v3.18-rc1","v3.19-rc3","v3.19-rc2","v3.18","v3.18-rc7","v3.18-rc6","v3.18-rc2","v3.18-rc3","v3.18-rc4","v3.18-rc5","v3.17","v3.17-rc1","v3.17-rc7","v3.17-rc2","v3.17-rc4","v3.16","v3.17-rc5","v3.17-rc6","v3.17-rc3","v3.16-rc7","v3.16-rc1","v3.16-rc3","v3.16-rc5","v3.16-rc6","v3.16-rc2","v3.16-rc4","v3.13","v3.15","v3.15-rc5","v3.15-rc8","v3.15-rc1","v3.15-rc6","v3.15-rc3","v3.15-rc7","v3.15-rc2","v3.15-rc4","v3.14","v3.14-rc4","v3.14-rc8","v3.14-rc7","v3.14-rc6","v3.14-rc1","v3.14-rc2","v3.14-rc5","v3.14-rc3","v3.13-rc6","v3.13-rc8","v3.12","v3.13-rc7","v3.13-rc1","v3.13-rc4","v3.13-rc3","v3.13-rc5","v3.13-rc2","v3.12-rc7","v3.12-rc3","v3.12-rc6","v3.12-rc1","v3.12-rc5","v3.11","v3.12-rc2","v3.12-rc4","v3.11-rc7","v3.11-rc2","v3.11-rc5","v3.11-rc1","v3.11-rc3","v3.11-rc4","v3.11-rc6","v3.10-rc2","v3.10","v3.10-rc7","v3.10-rc6","v3.10-rc1","v3.10-rc5","v3.10-rc3","v3.10-rc4","v3.9","v3.9-rc2","v3.9-rc7","v3.9-rc8","v3.9-rc3","v3.9-rc6","v3.9-rc5","v3.9-rc4","v3.9-rc1","v3.8","v3.8-rc7","v3.8-rc6","v3.8-rc5","v3.8-rc2","v3.8-rc1","v3.8-rc3","v3.8-rc4","v3.7","v3.7-rc1","v3.6","v3.7-rc6","v3.7-rc7","v3.7-rc3","v3.7-rc8","v3.7-rc2","v3.7-rc4","v3.7-rc5","v3.6-rc7","v3.6-rc1","v3.5-rc3","v3.6-rc6","v3.6-rc5","v3.5","v3.6-rc3","v3.6-rc4","v3.6-rc2","v3.4-rc4","v3.5-rc7","v3.5-rc5","v3.5-rc6","v3.5-rc2","v3.5-rc1","v3.5-rc4","v3.4","v3.4-rc2","v3.4-rc1","v3.4-rc7","v3.4-rc6","v3.4-rc3","v3.4-rc5","v3.3","v3.3-rc6","v3.3-rc3","v3.3-rc7","v3.3-rc2","v3.3-rc5","v3.2","v3.3-rc4","v3.3-rc1","v3.2-rc4","v3.2-rc7","v3.2-rc6","v3.2-rc5","v3.2-rc3","v3.1","v3.2-rc2","v3.2-rc1","v3.1-rc1","v3.1-rc9","v3.1-rc8","v3.1-rc10","v3.1-rc7","v3.1-rc3","v3.1-rc2","v3.1-rc4","v3.1-rc5","v3.0","v3.1-rc6","v3.0-rc7","v3.0-rc4","v3.0-rc6","v3.0-rc5","v3.0-rc3","v3.0-rc1","v2.6.39","v3.0-rc2","v2.6.38","v2.6.39-rc2","v2.6.39-rc7","v2.6.39-rc5","v2.6.39-rc1","v2.6.38-rc7","v2.6.39-rc6","v2.6.39-rc4","v2.6.39-rc3","v2.6.37","v2.6.38-rc1","v2.6.38-rc8","v2.6.38-rc2","v2.6.38-rc6","v2.6.38-rc5","v2.6.38-rc4","v2.6.38-rc3","v2.6.37-rc4","v2.6.37-rc2","v2.6.36","v2.6.37-rc5","v2.6.37-rc8","v2.6.37-rc7","v2.6.37-rc6","v2.6.37-rc1","v2.6.37-rc3","v2.6.36-rc6","v2.6.35-rc4","v2.6.36-rc8","v2.6.35","v2.6.36-rc7","v2.6.36-rc3","v2.6.36-rc5","v2.6.36-rc4","v2.6.36-rc2","v2.6.36-rc1","v2.6.35-rc5","v2.6.35-rc6","v2.6.34","v2.6.35-rc3","v2.6.35-rc1","v2.6.35-rc2","v2.6.34-rc7","v2.6.34-rc6","v2.6.34-rc5","v2.6.34-rc4","v2.6.34-rc3","v2.6.34-rc2","v2.6.34-rc1","v2.6.33","v2.6.33-rc6","v2.6.33-rc8","v2.6.33-rc4","v2.6.33-rc5","v2.6.33-rc3","v2.6.33-rc7","v2.6.33-rc2","v2.6.32","v2.6.33-rc1","v2.6.32-rc8","v2.6.32-rc7","v2.6.32-rc6","v2.6.31","v2.6.32-rc5","v2.6.32-rc4","v2.6.32-rc2","v2.6.32-rc1","v2.6.32-rc3","v2.6.31-rc9","v2.6.31-rc1","v2.6.31-rc7","v2.6.31-rc8","v2.6.31-rc6","v2.6.30-rc6","v2.6.30","v2.6.31-rc4","v2.6.31-rc5","v2.6.31-rc3","v2.6.31-rc2","v2.6.30-rc7","v2.6.30-rc8","v2.6.30-rc5","v2.6.30-rc3","v2.6.30-rc4","v2.6.30-rc1","v2.6.30-rc2","v2.6.29","v2.6.29-rc8","v2.6.29-rc7","v2.6.29-rc5","v2.6.29-rc1","v2.6.29-rc6","v2.6.29-rc4","v2.6.29-rc3","v2.6.29-rc2","v2.6.28","v2.6.28-rc7","v2.6.28-rc9","v2.6.28-rc8","v2.6.28-rc6","v2.6.28-rc5","v2.6.28-rc4","v2.6.28-rc2","v2.6.28-rc3","v2.6.28-rc1","v2.6.27","v2.6.27-rc7","v2.6.27-rc9","v2.6.27-rc8","v2.6.27-rc5","v2.6.27-rc6","v2.6.27-rc4","v2.6.27-rc1","v2.6.27-rc3","v2.6.27-rc2","v2.6.26","v2.6.26-rc9","v2.6.26-rc8","v2.6.26-rc3","v2.6.26-rc7","v2.6.26-rc6","v2.6.26-rc5","v2.6.26-rc4","v2.6.26-rc2","v2.6.26-rc1","v2.6.25","v2.6.25-rc7","v2.6.25-rc9","v2.6.25-rc8","v2.6.25-rc6","v2.6.25-rc5","v2.6.25-rc3","v2.6.25-rc4","v2.6.24","v2.6.25-rc2","v2.6.25-rc1","v2.6.24-rc8","v2.6.24-rc7","v2.6.24-rc6","v2.6.24-rc5","v2.6.24-rc4","v2.6.24-rc3","v2.6.24-rc2","v2.6.24-rc1","v2.6.23","v2.6.23-rc9","v2.6.23-rc8","v2.6.23-rc5","v2.6.23-rc7","v2.6.23-rc6","v2.6.23-rc4","v2.6.23-rc3","v2.6.23-rc2","v2.6.23-rc1","v2.6.22","v2.6.22-rc7","v2.6.22-rc6","v2.6.22-rc5","v2.6.22-rc4","v2.6.22-rc3","v2.6.22-rc2","v2.6.22-rc1","v2.6.21","v2.6.21-rc7","v2.6.21-rc6","v2.6.21-rc5","v2.6.21-rc4","v2.6.21-rc3","v2.6.21-rc2","v2.6.21-rc1","v2.6.20-rc7","v2.6.20-rc6","v2.6.20-rc5","v2.6.20-rc4","v2.6.20-rc3","v2.6.20-rc1","v2.6.20-rc2","v2.6.19-rc2","v2.6.18","v2.6.19-rc1","v2.6.18-rc6","v2.6.18-rc5","v2.6.18-rc3","v2.6.18-rc2","v2.6.18-rc1","v2.6.17","v2.6.17-rc4","v2.6.17-rc6","v2.6.17-rc5","v2.6.17-rc3","v2.6.17-rc2","v2.6.17-rc1","v2.6.16","v2.6.16-rc6","v2.6.16-rc4","v2.6.16-rc5","v2.6.16-rc3","v2.6.16-rc2","v2.6.16-rc1","v2.6.15-rc7","v2.6.15-rc5","v2.6.15-rc4","v2.6.15-rc2","v2.6.15-rc1","v2.6.14-rc3","v2.6.14-rc2","v2.6.14-rc1","v2.6.13","v2.6.13-rc7","v2.6.13-rc6","v2.6.13-rc5","v2.6.13-rc3","v2.6.13-rc4","v2.6.13-rc2","v2.6.13-rc1","v2.6.12-rc4","v2.6.12-rc3","v2.6.12-rc2"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43408.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.12.78"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.19"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.17.0"},{"fixed":"6.19.9"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43408.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}