diff options
Diffstat (limited to 'security/vuxml/vuln/2025.xml')
| -rw-r--r-- | security/vuxml/vuln/2025.xml | 656 |
1 files changed, 656 insertions, 0 deletions
diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml index 1572fa6cd69e..a7e620621142 100644 --- a/security/vuxml/vuln/2025.xml +++ b/security/vuxml/vuln/2025.xml @@ -1,3 +1,659 @@ + <vuln vid="340dc4c1-895a-11f0-b6e5-4ccc6adda413"> + <topic>exiv2 -- Denial-of-service</topic> + <affects> + <package> + <name>exiv2</name> + <range><lt>0.28.6</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Kevin Backhouse reports:</p> + <blockquote cite="https://github.com/Exiv2/exiv2/security/advisories/GHSA-m54q-mm9w-fp6g"> + <p>A denial-of-service was found in Exiv2 version v0.28.5: a quadratic + algorithm in the ICC profile parsing code in jpegBase::readMetadata() + can cause Exiv2 to run for a long time. Exiv2 is a command-line utility + and C++ library for reading, writing, deleting, and modifying the + metadata of image files. The denial-of-service is triggered when Exiv2 + is used to read the metadata of a crafted jpg image file.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-55304</cvename> + <url>https://github.com/Exiv2/exiv2/security/advisories/GHSA-m54q-mm9w-fp6g</url> + </references> + <dates> + <discovery>2025-08-29</discovery> + <entry>2025-09-04</entry> + </dates> + </vuln> + + <vuln vid="84a77710-8958-11f0-b6e5-4ccc6adda413"> + <topic>exiv2 -- Out-of-bounds read in Exiv2::EpsImage::writeMetadata()</topic> + <affects> + <package> + <name>exiv2</name> + <range><lt>0.28.6</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Kevin Backhouse reports:</p> + <blockquote cite="https://github.com/Exiv2/exiv2/security/advisories/GHSA-496f-x7cq-cq39"> + <p>An out-of-bounds read was found in Exiv2 versions v0.28.5 and earlier. + Exiv2 is a command-line utility and C++ library for reading, writing, + deleting, and modifying the metadata of image files. The out-of-bounds + read is triggered when Exiv2 is used to write metadata into a crafted + image file. An attacker could potentially exploit the vulnerability to + cause a denial of service by crashing Exiv2, if they can trick the victim + into running Exiv2 on a crafted image file.</p> + <p>Note that this bug is only triggered when writing the metadata, which + is a less frequently used Exiv2 operation than reading the metadata. For + example, to trigger the bug in the Exiv2 command-line application, you + need to add an extra command-line argument such as delete.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-54080</cvename> + <url>https://github.com/Exiv2/exiv2/security/advisories/GHSA-496f-x7cq-cq39</url> + </references> + <dates> + <discovery>2025-08-29</discovery> + <entry>2025-09-04</entry> + </dates> + </vuln> + + <vuln vid="0db8684f-8938-11f0-8325-bc2411f8eb0b"> + <topic>Django -- multiple vulnerabilities</topic> + <affects> + <package> + <name>py39-django42</name> + <name>py310-django42</name> + <name>py311-django42</name> + <range><lt>4.2.24</lt></range> + </package> + <package> + <name>py310-django51</name> + <name>py311-django51</name> + <range><lt>5.1.12</lt></range> + </package> + <package> + <name>py310-django52</name> + <name>py311-django52</name> + <range><lt>5.2.6</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Django reports:</p> + <blockquote cite="https://www.djangoproject.com/weblog/2025/sep/03/security-releases/"> + <p>CVE-2025-57833: Potential SQL injection in FilteredRelation column aliases.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-57833</cvename> + <url>https://www.djangoproject.com/weblog/2025/sep/03/security-releases/</url> + </references> + <dates> + <discovery>2025-09-01</discovery> + <entry>2025-09-04</entry> + </dates> + </vuln> + + <vuln vid="9f9b0b37-88fa-11f0-90a2-6cc21735f730"> + <topic>Shibboleth Service Provider -- SQL injection vulnerability in ODBC plugin</topic> + <affects> + <package> + <name>shibboleth-sp</name> + <range><lt>3.5.1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Internet2 reports:</p> + <blockquote cite="https://shibboleth.net/community/advisories/secadv_20250903.txt"> + <p>The Shibboleth Service Provider includes a storage API usable + for a number of different use cases such as the session cache, + replay cache, and relay state management. An ODBC extension + plugin is provided with some distributions of the software + (notably on Windows).</p> + <p>A SQL injection vulnerability was identified in some of the + queries issued by the plugin, and this can be creatively + exploited through specially crafted inputs to exfiltrate + information stored in the database used by the SP.</p> + </blockquote> + </body> + </description> + <references> + <url>https://shibboleth.net/community/advisories/secadv_20250903.txt</url> + </references> + <dates> + <discovery>2025-09-03</discovery> + <entry>2025-09-03</entry> + </dates> + </vuln> + + <vuln vid="aaa060af-88d6-11f0-a294-b0416f0c4c67"> + <topic>Vieb -- Remote Code Execution via Visiting Untrusted URLs</topic> + <affects> + <package> + <name>linux-vieb</name> + <range><lt>12.4.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Zhengyu Liu, Jianjia Yu, Jelmer van Arnhem report:</p> + <blockquote cite="https://github.com/Jelmerro/Vieb/security/advisories/GHSA-h2fq-667q-7gpm"> + <p>We discovered a remote code execution (RCE) vulnerability in the latest + release of the Vieb browser (v12.3.0). By luring a user to visit a + malicious website, an attacker can achieve arbitrary code execution on the + victim’s machine.</p> + </blockquote> + </body> + </description> + <references> + <url>https://github.com/Jelmerro/Vieb/security/advisories/GHSA-h2fq-667q-7gpm</url> + </references> + <dates> + <discovery>2025-07-31</discovery> + <entry>2025-09-03</entry> + </dates> + </vuln> + + <vuln vid="d7b7e505-8486-11f0-9d03-2cf05da270f3"> + <topic>Gitlab -- vulnerabilities</topic> + <affects> + <package> + <name>gitlab-ce</name> + <name>gitlab-ee</name> + <range><ge>18.3.0</ge><lt>18.3.1</lt></range> + <range><ge>18.2.0</ge><lt>18.2.5</lt></range> + <range><ge>8.15.0</ge><lt>18.1.5</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Gitlab reports:</p> + <blockquote cite="https://about.gitlab.com/releases/2025/08/27/patch-release-gitlab-18-3-1-released/"> + <p>Allocation of Resources Without Limits issue in import function impacts GitLab CE/EE</p> + <p>Missing authentication issue in GraphQL endpoint impacts GitLab CE/EE</p> + <p>Allocation of Resources Without Limits issue in GraphQL impacts GitLab CE/EE</p> + <p>Code injection issue in GitLab repositories impacts GitLab CE/EE</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-3601</cvename> + <cvename>CVE-2025-2246</cvename> + <cvename>CVE-2025-4225</cvename> + <cvename>CVE-2025-5101</cvename> + <url>https://about.gitlab.com/releases/2025/08/27/patch-release-gitlab-18-3-1-released/</url> + </references> + <dates> + <discovery>2025-08-27</discovery> + <entry>2025-08-29</entry> + </dates> + </vuln> + + <vuln vid="f727fe60-8389-11f0-8438-001b217e4ee5"> + <topic>ISC KEA -- kea-dhcp4 aborts if client sends a broadcast request with particular options</topic> + <affects> + <package> + <name>kea</name> + <range><ge>3.0.0</ge><lt>3.0.1</lt></range> + </package> + <package> + <name>kea-devel</name> + <range><ge>3.1.0</ge><lt>3.1.1</lt></range> + <range><ge>2.7.1</ge><le>2.7.9</le></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Internet Systems Consortium, Inc. reports:</p> + <blockquote cite="https://kb.isc.org/docs/"> + <p>We corrected an issue in `kea-dhcp4` that caused + the server to abort if a client sent a broadcast request with particular + options, and Kea failed to find an appropriate subnet for that client. + This addresses CVE-2025-40779 [#4055, #4048].</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-40779</cvename> + </references> + <dates> + <discovery>2025-08-27</discovery> + <entry>2025-08-27</entry> + </dates> + </vuln> + + <vuln vid="2a11aa1e-83c7-11f0-b6e5-4ccc6adda413"> + <topic>qt6-base -- DoS in QColorTransferGenericFunction</topic> + <affects> + <package> + <name>qt6-base</name> + <range><lt>6.9.2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Andy Shaw reports:</p> + <blockquote cite="https://www.qt.io/blog/security-advisory-recently-reported-denial-of-service-issue-in-qcolortransfergenericfunction-impacts-qt"> + <p>When passing values outside of the expected range to QColorTransferGenericFunction + it can cause a denial of service, for example, this can happen when passing a + specifically crafted ICC profile to QColorSpace::fromICCProfile.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-5992</cvename> + <url>https://www.qt.io/blog/security-advisory-recently-reported-denial-of-service-issue-in-qcolortransfergenericfunction-impacts-qt</url> + </references> + <dates> + <discovery>2025-07-11</discovery> + <entry>2025-08-28</entry> + </dates> + </vuln> + + <vuln vid="edf83c10-83b8-11f0-b6e5-4ccc6adda413"> + <topic>qt6-webengine -- Multiple vulnerabilities</topic> + <affects> + <package> + <name>qt6-pdf</name> + <name>qt6-webengine</name> + <range><lt>6.9.2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Qt qtwebengine-chromium repo reports:</p> + <blockquote cite="https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=130-based"> + <p>Backports for 25 security bugs in Chromium:</p> + <ul> + <li>CVE-2025-5063: Use after free in Compositing</li> + <li>CVE-2025-5064: Inappropriate implementation in Background Fetch</li> + <li>CVE-2025-5065: Inappropriate implementation in FileSystemAccess API</li> + <li>CVE-2025-5068: Use after free in Blink</li> + <li>CVE-2025-5280: Out of bounds write in V8</li> + <li>CVE-2025-5281: Inappropriate implementation in BFCache</li> + <li>CVE-2025-5283: Use after free in libvpx</li> + <li>CVE-2025-5419: Out of bounds read and write in V8</li> + <li>CVE-2025-6191: Integer overflow in V8</li> + <li>CVE-2025-6192: Use after free in Profiler</li> + <li>CVE-2025-6554: Type Confusion in V8</li> + <li>CVE-2025-6556: Insufficient policy enforcement in Loader</li> + <li>CVE-2025-6557: Insufficient data validation in DevTools</li> + <li>CVE-2025-6558: Incorrect validation of untrusted input in ANGLE and GPU</li> + <li>CVE-2025-7656: Integer overflow in V8</li> + <li>CVE-2025-7657: Use after free in WebRTC</li> + <li>CVE-2025-8010: Type Confusion in V8</li> + <li>CVE-2025-8576: Use after free in Extensions</li> + <li>CVE-2025-8578: Use after free in Cast</li> + <li>CVE-2025-8580: Inappropriate implementation in Filesystems</li> + <li>CVE-2025-8582: Insufficient validation of untrusted input in DOM</li> + <li>CVE-2025-8879: Heap buffer overflow in libaom</li> + <li>CVE-2025-8880: Race in V8</li> + <li>CVE-2025-8881: Inappropriate implementation in File Picker</li> + <li>CVE-2025-8901: Out of bounds write in ANGLE</li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-5063</cvename> + <cvename>CVE-2025-5064</cvename> + <cvename>CVE-2025-5065</cvename> + <cvename>CVE-2025-5068</cvename> + <cvename>CVE-2025-5280</cvename> + <cvename>CVE-2025-5281</cvename> + <cvename>CVE-2025-5283</cvename> + <cvename>CVE-2025-5419</cvename> + <cvename>CVE-2025-6191</cvename> + <cvename>CVE-2025-6192</cvename> + <cvename>CVE-2025-6554</cvename> + <cvename>CVE-2025-6556</cvename> + <cvename>CVE-2025-6557</cvename> + <cvename>CVE-2025-6558</cvename> + <cvename>CVE-2025-7656</cvename> + <cvename>CVE-2025-7657</cvename> + <cvename>CVE-2025-8010</cvename> + <cvename>CVE-2025-8576</cvename> + <cvename>CVE-2025-8578</cvename> + <cvename>CVE-2025-8580</cvename> + <cvename>CVE-2025-8582</cvename> + <cvename>CVE-2025-8879</cvename> + <cvename>CVE-2025-8880</cvename> + <cvename>CVE-2025-8881</cvename> + <cvename>CVE-2025-8901</cvename> + <url>https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=130-based</url> + </references> + <dates> + <discovery>2025-05-27</discovery> + <entry>2025-08-28</entry> + </dates> + </vuln> + + <vuln vid="6989312e-8366-11f0-9bc6-b42e991fc52e"> + <topic>SQLite -- application crash</topic> + <affects> + <package> + <name>sqlite3</name> + <range><lt>3.49.1</lt></range> + </package> + <package> + <name>linux_base-rl9-9.6</name> + <range><lt>9.6</lt></range> + </package> + <package> + <name>linux-c7-sqlite</name> + <range><lt>3.7.17_2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>cve@mitre.org reports:</p> + <blockquote cite="https://gist.github.com/ylwango613/d3883fb9f6ba8a78086356779ce88248"> + <p>In SQLite 3.49.0 before 3.49.1, certain argument values + to sqlite3_db_config (in the C-language API) can cause a + denial of service (application crash). An sz*nBig + multiplication is not cast to a 64-bit integer, and + consequently some memory allocations may be incorrect.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-29088</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-29088</url> + </references> + <dates> + <discovery>2025-04-10</discovery> + <entry>2025-08-27</entry> + </dates> + </vuln> + + <vuln vid="c323bab5-80dd-11f0-97c4-40b034429ecf"> + <topic>p5-Catalyst-Authentication-Credential-HTTP -- Insecure source of randomness</topic> + <affects> + <package> + <name>p5-Catalyst-Authentication-Credential-HTTP</name> + <range><lt>1.019</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>perl-catalyst project reports:</p> + <blockquote cite="https://nvd.nist.gov/vuln/detail/CVE-2025-40920"> + <p>Catalyst::Authentication::Credential::HTTP versions 1.018 + and earlier for Perl generate nonces using + the Perl Data::UUID library. * Data::UUID does not use a + strong cryptographic source for generating + UUIDs.* Data::UUID returns v3 UUIDs, which are generated + from known information and are unsuitable for + security, as per RFC 9562. * The nonces should be generated + from a strong cryptographic source, as per RFC 7616.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-40920</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-40920</url> + </references> + <dates> + <discovery>2025-08-11</discovery> + <entry>2025-08-24</entry> + </dates> + </vuln> + + <vuln vid="07335fb9-7eb1-11f0-ba14-b42e991fc52e"> + <topic>Mozilla -- memory safety bugs</topic> + <affects> + <package> + <name>firefox</name> + <range><lt>142,2</lt></range> + </package> + <package> + <name>thunderbird</name> + <range><lt>142</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>security@mozilla.org reports:</p> + <blockquote cite="https://bugzilla.mozilla.org/buglist.cgi?bug_id=1825621%2C1970079%2C1976736%2C1979072"> + <p>Memory safety bugs present in Firefox 141 and Thunderbird + 141. Some of these bugs showed evidence of memory corruption + and we presume that with enough effort some of these could + have been exploited to run arbitrary code.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-9187</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-9187</url> + </references> + <dates> + <discovery>2025-08-19</discovery> + <entry>2025-08-21</entry> + </dates> + </vuln> + + <vuln vid="feb359ef-7eb0-11f0-ba14-b42e991fc52e"> + <topic>Mozilla -- memory safety bugs</topic> + <affects> + <package> + <name>firefox</name> + <range><lt>142,2</lt></range> + </package> + <package> + <name>firefox-esr</name> + <range><lt>128.14</lt></range> + </package> + <package> + <name>thunderbird</name> + <range><lt>140.2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>security@mozilla.org reports:</p> + <blockquote cite="https://bugzilla.mozilla.org/buglist.cgi?bug_id=1970154%2C1976782%2C1977166"> + <p>Memory safety bugs present in Firefox ESR 115.26, Firefox + ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, + Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. + Some of these bugs showed evidence of memory corruption and + we presume that with enough effort some of these could have + been exploited to run arbitrary code.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-9184</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-9184</url> + <cvename>CVE-2025-9185</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-9185</url> + </references> + <dates> + <discovery>2025-08-19</discovery> + <entry>2025-08-21</entry> + </dates> + </vuln> + + <vuln vid="fa7fd6d4-7eb0-11f0-ba14-b42e991fc52e"> + <topic>Firefox -- Spoofing in the Address Bar</topic> + <affects> + <package> + <name>firefox</name> + <range><lt>142,2</lt></range> + </package> + <package> + <name>firefox-esr</name> + <range><lt>140.2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>security@mozilla.org reports:</p> + <blockquote cite="https://bugzilla.mozilla.org/show_bug.cgi?id=1976102"> + <p>Spoofing issue in the Address Bar component.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-9183</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-9183</url> + </references> + <dates> + <discovery>2025-08-19</discovery> + <entry>2025-08-21</entry> + </dates> + </vuln> + + <vuln vid="f994cea5-7eb0-11f0-ba14-b42e991fc52e"> + <topic>Mozilla -- DoS in WebRender</topic> + <affects> + <package> + <name>firefox</name> + <range><lt>142,2</lt></range> + </package> + <package> + <name>firefox-esr</name> + <range><lt>140.2</lt></range> + </package> + <package> + <name>thunderbird</name> + <range><lt>142</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>security@mozilla.org reports:</p> + <blockquote cite="https://bugzilla.mozilla.org/show_bug.cgi?id=1975837"> + <p>'Denial-of-service due to out-of-memory in the + Graphics: WebRender component.'</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-9182</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-9182</url> + </references> + <dates> + <discovery>2025-08-19</discovery> + <entry>2025-08-21</entry> + </dates> + </vuln> + + <vuln vid="f7e8e9a3-7eb0-11f0-ba14-b42e991fc52e"> + <topic>Mozilla -- Uninitialized memory</topic> + <affects> + <package> + <name>firefox</name> + <range><lt>142,2</lt></range> + </package> + <package> + <name>firefox-esr</name> + <range><lt>140.2</lt></range> + </package> + <package> + <name>thunderbird</name> + <range><lt>140.2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>security@mozilla.org reports:</p> + <blockquote cite="https://bugzilla.mozilla.org/show_bug.cgi?id=1977130"> + <p>Uninitialized memory in the JavaScript Engine component.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-9181</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-9181</url> + </references> + <dates> + <discovery>2025-08-19</discovery> + <entry>2025-08-21</entry> + </dates> + </vuln> + + <vuln vid="f6219d24-7eb0-11f0-ba14-b42e991fc52e"> + <topic>Mozilla -- Same-origin policy bypass</topic> + <affects> + <package> + <name>firefox</name> + <range><lt>142,2</lt></range> + </package> + <package> + <name>firefox-esr</name> + <range><lt>140.2</lt></range> + </package> + <package> + <name>thunderbird</name> + <range><lt>142</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>security@mozilla.org reports:</p> + <blockquote cite="https://bugzilla.mozilla.org/show_bug.cgi?id=1979782"> + <p>'Same-origin policy bypass in the Graphics: Canvas2D + component.'</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-9180</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-9180</url> + </references> + <dates> + <discovery>2025-08-19</discovery> + <entry>2025-08-21</entry> + </dates> + </vuln> + + <vuln vid="f42ee983-7eb0-11f0-ba14-b42e991fc52e"> + <topic>Mozilla -- memory corruption in GMP</topic> + <affects> + <package> + <name>firefox</name> + <range><lt>142,2</lt></range> + </package> + <package> + <name>firefox-esr</name> + <range><lt>140.2</lt></range> + </package> + <package> + <name>thunderbird</name> + <range><lt>140.2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>security@mozilla.org reports:</p> + <blockquote cite="https://bugzilla.mozilla.org/show_bug.cgi?id=1979527"> + <p>An attacker was able to perform memory corruption in the GMP process + which processes encrypted media. This process is also heavily + sandboxed, but represents slightly different privileges from the + content process.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-9179</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-9179</url> + </references> + <dates> + <discovery>2025-08-19</discovery> + <entry>2025-08-21</entry> + </dates> + </vuln> + <vuln vid="eb03714d-79f0-11f0-b4c1-ac5afc632ba3"> <topic>nginx -- worker process memory disclosure</topic> <affects> |