Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/170352?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "type": "deb", "namespace": "debian", "name": "bouncycastle", "version": "1.68-2", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.77-1", "latest_non_vulnerable_version": "1.80-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/253097?format=api", "vulnerability_id": "VCID-7xfh-byzs-tkdp", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30171.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30171.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-30171", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34147", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-30171" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/bcgit/bc-csharp/commit/c984b8bfd8544dfc55dba91a02cbbbb9c580c217", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-csharp/commit/c984b8bfd8544dfc55dba91a02cbbbb9c580c217" }, { "reference_url": "https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/" } ], "url": "https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/d7d5e735abd64bf0f413f54fd9e495fc02400fb0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/d7d5e735abd64bf0f413f54fd9e495fc02400fb0" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/e0569dcb1dea9d421d84fc4c5c5688fe101afa2d", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/e0569dcb1dea9d421d84fc4c5c5688fe101afa2d" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240614-0008", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240614-0008" }, { "reference_url": "https://www.bouncycastle.org/latest_releases.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/" } ], "url": "https://www.bouncycastle.org/latest_releases.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655", "reference_id": "1070655", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276360", "reference_id": "2276360", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276360" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30171", "reference_id": "CVE-2024-30171", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30171" }, { "reference_url": "https://github.com/advisories/GHSA-v435-xc8x-wvr9", "reference_id": "GHSA-v435-xc8x-wvr9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v435-xc8x-wvr9" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240614-0008/", "reference_id": "ntap-20240614-0008", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240614-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4173", "reference_id": "RHSA-2024:4173", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4173" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4271", "reference_id": "RHSA-2024:4271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4326", "reference_id": "RHSA-2024:4326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4505", "reference_id": "RHSA-2024:4505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5479", "reference_id": "RHSA-2024:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5481", "reference_id": "RHSA-2024:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5482", "reference_id": "RHSA-2024:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5482" }, { "reference_url": "https://usn.ubuntu.com/8108-1/", "reference_id": "USN-8108-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8108-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170367?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-30171", "GHSA-v435-xc8x-wvr9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7xfh-byzs-tkdp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/251899?format=api", "vulnerability_id": "VCID-ehyy-3cqc-rbas", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29857.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29857.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-29857", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.49433", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-29857" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/bcgit/bc-csharp/commit/56daa6eac526f165416d17f661422d60de0dfd63", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-csharp/commit/56daa6eac526f165416d17f661422d60de0dfd63" }, { "reference_url": "https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T19:32:50Z/" } ], "url": "https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/efc498ca4caa340ac2fe11f2efee06c1a294501f", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/efc498ca4caa340ac2fe11f2efee06c1a294501f" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/fee80dd230e7fba132d03a34f1dd1d6aae0d0281", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/fee80dd230e7fba132d03a34f1dd1d6aae0d0281" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T19:32:50Z/" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20241206-0008", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20241206-0008" }, { "reference_url": "https://www.bouncycastle.org/latest_releases.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T19:32:50Z/" } ], "url": "https://www.bouncycastle.org/latest_releases.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655", "reference_id": "1070655", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293028", "reference_id": "2293028", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293028" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29857", "reference_id": "CVE-2024-29857", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29857" }, { "reference_url": "https://github.com/advisories/GHSA-8xfc-gm6g-vgpv", "reference_id": "GHSA-8xfc-gm6g-vgpv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8xfc-gm6g-vgpv" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4271", "reference_id": "RHSA-2024:4271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4326", "reference_id": "RHSA-2024:4326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4505", "reference_id": "RHSA-2024:4505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5479", "reference_id": "RHSA-2024:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5481", "reference_id": "RHSA-2024:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5482", "reference_id": "RHSA-2024:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5482" }, { "reference_url": "https://usn.ubuntu.com/8108-1/", "reference_id": "USN-8108-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8108-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170367?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-29857", "GHSA-8xfc-gm6g-vgpv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ehyy-3cqc-rbas" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/255852?format=api", "vulnerability_id": "VCID-p5xq-b7r6-kbg3", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34447.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34447.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34447", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.33918", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34447" }, { "reference_url": "http://security.netapp.com/advisory/ntap-20240614-0007", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://security.netapp.com/advisory/ntap-20240614-0007" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/issues/1656", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/issues/1656" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9034447", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:10:40Z/" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9034447" }, { "reference_url": "https://www.bouncycastle.org/latest_releases.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:10:40Z/" } ], "url": "https://www.bouncycastle.org/latest_releases.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655", "reference_id": "1070655", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279227", "reference_id": "2279227", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279227" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34447", "reference_id": "CVE-2024-34447", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34447" }, { "reference_url": "https://github.com/advisories/GHSA-4h8f-2wvx-gg5w", "reference_id": "GHSA-4h8f-2wvx-gg5w", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4h8f-2wvx-gg5w" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240614-0007/", "reference_id": "ntap-20240614-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:10:40Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240614-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4271", "reference_id": "RHSA-2024:4271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4326", "reference_id": "RHSA-2024:4326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4326" }, { "reference_url": "https://usn.ubuntu.com/8108-1/", "reference_id": "USN-8108-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8108-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170367?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-34447", "GHSA-4h8f-2wvx-gg5w" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p5xq-b7r6-kbg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/318189?format=api", "vulnerability_id": "VCID-sdd6-qqdu-uffb", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8885.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8885.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8885", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.3076", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8885" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/3790993df5d28f661a64439a8664343437ed3865", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/3790993df5d28f661a64439a8664343437ed3865" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908885", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T18:14:28Z/" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908885" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8885", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8885" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387790", "reference_id": "2387790", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387790" }, { "reference_url": "https://github.com/advisories/GHSA-67mf-3cr5-8w23", "reference_id": "GHSA-67mf-3cr5-8w23", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-67mf-3cr5-8w23" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170367?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-8885", "GHSA-67mf-3cr5-8w23" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sdd6-qqdu-uffb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17962?format=api", "vulnerability_id": "VCID-vkma-tkqz-r7ha", "summary": "Improper Certificate Validation\nBouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33201.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33201.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-33201", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55807", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-33201" }, { "reference_url": "https://bouncycastle.org", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/" } ], "url": "https://bouncycastle.org" }, { "reference_url": "https://bouncycastle.org/releasenotes.html#r1rv74", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bouncycastle.org/releasenotes.html#r1rv74" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/ccf93ca736b89250ff4ce079a5aa56f5cbf0ebbd", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/ccf93ca736b89250ff4ce079a5aa56f5cbf0ebbd" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/e8c409a8389c815ea3fda5e8b94c92fdfe583bcc", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/" } ], "url": "https://github.com/bcgit/bc-java/commit/e8c409a8389c815ea3fda5e8b94c92fdfe583bcc" }, { "reference_url": "https://github.com/bcgit/bc-java/commits/main/prov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commits/main/prov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00000.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00000.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230824-0008", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20230824-0008" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230824-0008/", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230824-0008/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040050", "reference_id": "1040050", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040050" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", "reference_id": "2215465", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215465" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", "reference_id": "CVE-2023-33201", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", "reference_id": "CVE-2023-33201", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33201" }, { "reference_url": "https://github.com/advisories/GHSA-hr8g-6v94-x4m9", "reference_id": "GHSA-hr8g-6v94-x4m9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hr8g-6v94-x4m9" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5147", "reference_id": "RHSA-2023:5147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5165", "reference_id": "RHSA-2023:5165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7482", "reference_id": "RHSA-2023:7482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7482" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7483", "reference_id": "RHSA-2023:7483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7484", "reference_id": "RHSA-2023:7484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7486", "reference_id": "RHSA-2023:7486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7488", "reference_id": "RHSA-2023:7488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7669", "reference_id": "RHSA-2023:7669", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7678", "reference_id": "RHSA-2023:7678", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7678" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0278", "reference_id": "RHSA-2024:0278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0278" }, { "reference_url": "https://usn.ubuntu.com/8108-1/", "reference_id": "USN-8108-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8108-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170366?format=api", "purl": "pkg:deb/debian/bouncycastle@1.77-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.77-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-33201", "GHSA-hr8g-6v94-x4m9" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vkma-tkqz-r7ha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/318218?format=api", "vulnerability_id": "VCID-yhfn-dext-5ubb", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8916.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8916.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8916", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25819", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8916" }, { "reference_url": "https://cert-portal.siemens.com/productcert/html/ssa-032379.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-032379.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/310b30a4fbf36d13f6cc201ffa7771715641e67e", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/310b30a4fbf36d13f6cc201ffa7771715641e67e" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/ff444a479942d88de64004dc82c3ee32a9e9075a", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/ff444a479942d88de64004dc82c3ee32a9e9075a" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908916", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T13:13:37Z/" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908916" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8916", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8916" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388195", "reference_id": "2388195", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388195" }, { "reference_url": "https://github.com/advisories/GHSA-4cx2-fc23-5wg6", "reference_id": "GHSA-4cx2-fc23-5wg6", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-4cx2-fc23-5wg6" }, { "reference_url": "https://usn.ubuntu.com/8108-1/", "reference_id": "USN-8108-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8108-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170367?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-8916", "GHSA-4cx2-fc23-5wg6" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yhfn-dext-5ubb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18887?format=api", "vulnerability_id": "VCID-yp3a-zz4u-hkb3", "summary": "Uncontrolled Resource Consumption\nBouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33202.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33202.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-33202", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34385", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-33202" }, { "reference_url": "https://bouncycastle.org", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T17:51:39Z/" } ], "url": "https://bouncycastle.org" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/0c576892862ed41894f49a8f639112e8d66d229c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/0c576892862ed41894f49a8f639112e8d66d229c" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240125-0001", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240125-0001" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056754", "reference_id": "1056754", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056754" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251281", "reference_id": "2251281", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251281" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33202", "reference_id": "CVE-2023-33202", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T17:51:39Z/" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33202" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33202", "reference_id": "CVE-2023-33202", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33202" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902023%E2%80%9033202", "reference_id": "CVE%E2%80%902023%E2%80%9033202", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T17:51:39Z/" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902023%E2%80%9033202" }, { "reference_url": "https://github.com/advisories/GHSA-wjxj-5m7g-mg7q", "reference_id": "GHSA-wjxj-5m7g-mg7q", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wjxj-5m7g-mg7q" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240125-0001/", "reference_id": "ntap-20240125-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T17:51:39Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240125-0001/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170366?format=api", "purl": "pkg:deb/debian/bouncycastle@1.77-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.77-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-33202", "GHSA-wjxj-5m7g-mg7q" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yp3a-zz4u-hkb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/253098?format=api", "vulnerability_id": "VCID-zuvd-tzgx-wbct", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30172.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30172.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-30172", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26126", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-30172" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030172", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030172" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/1b9fd9b545e691bfb3941a9f6a797660c8860f02", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/1b9fd9b545e691bfb3941a9f6a797660c8860f02" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/9c165791b68a204678b48ec11e4e579754c2ea49", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/9c165791b68a204678b48ec11e4e579754c2ea49" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/ebe1c75579170072dc59b8dee2b55ce31663178f", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/ebe1c75579170072dc59b8dee2b55ce31663178f" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030172", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030172" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240614-0007", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240614-0007" }, { "reference_url": "https://www.bouncycastle.org/latest_releases.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-05T13:44:28Z/" } ], "url": "https://www.bouncycastle.org/latest_releases.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655", "reference_id": "1070655", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293025", "reference_id": "2293025", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293025" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30172", "reference_id": "CVE-2024-30172", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30172" }, { "reference_url": "https://github.com/advisories/GHSA-m44j-cfrm-g8qc", "reference_id": "GHSA-m44j-cfrm-g8qc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m44j-cfrm-g8qc" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240614-0007/", "reference_id": "ntap-20240614-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-05T13:44:28Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240614-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4271", "reference_id": "RHSA-2024:4271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4326", "reference_id": "RHSA-2024:4326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4505", "reference_id": "RHSA-2024:4505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5479", "reference_id": "RHSA-2024:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5481", "reference_id": "RHSA-2024:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5482", "reference_id": "RHSA-2024:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5482" }, { "reference_url": "https://usn.ubuntu.com/8108-1/", "reference_id": "USN-8108-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8108-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170367?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-30172", "GHSA-m44j-cfrm-g8qc" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zuvd-tzgx-wbct" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9757?format=api", "vulnerability_id": "VCID-24wk-1nfq-6bhe", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2423", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2424", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2424" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2425", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2425" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2428", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2643", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2643" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0877", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:0877" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000180", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00319", "scoring_system": "epss", "scoring_elements": "0.55176", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000180" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/22467b6e8fe19717ecdf201c0cf91bacf04a55ad", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/22467b6e8fe19717ecdf201c0cf91bacf04a55ad" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/73780ac522b7795fc165630aba8d5f5729acc839", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/73780ac522b7795fc165630aba8d5f5729acc839" }, { "reference_url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190204-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190204-0003" }, { "reference_url": "https://www.bountysource.com/issues/58293083-rsa-key-generation-computation-of-iterations-for-mr-primality-test", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.bountysource.com/issues/58293083-rsa-key-generation-computation-of-iterations-for-mr-primality-test" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4233", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2018/dsa-4233" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "http://www.securityfocus.com/bid/106567", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/106567" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900843", "reference_id": "900843", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900843" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE-2018-1000180", "reference_id": "CVE-2018-1000180", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE-2018-1000180" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000180", "reference_id": "CVE-2018-1000180", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000180" }, { "reference_url": "https://github.com/advisories/GHSA-xqj7-j8j5-f2xr", "reference_id": "GHSA-xqj7-j8j5-f2xr", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xqj7-j8j5-f2xr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170361?format=api", "purl": "pkg:deb/debian/bouncycastle@1.59-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.59-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-1000180", "GHSA-xqj7-j8j5-f2xr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-24wk-1nfq-6bhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/159860?format=api", "vulnerability_id": "VCID-2rxz-qjny-7yhu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26939", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02437", "scoring_system": "epss", "scoring_elements": "0.85422", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26939" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/930f8b274c4f1f3a46e68b5441f1e7fadb57e8c1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/930f8b274c4f1f3a46e68b5441f1e7fadb57e8c1" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE-2020-26939", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE-2020-26939" }, { "reference_url": "https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e@%3Cissues.solr.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e@%3Cissues.solr.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e%40%3Cissues.solr.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e%40%3Cissues.solr.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00007.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00007.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26939", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26939" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20201202-0005", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20201202-0005" }, { "reference_url": "https://github.com/advisories/GHSA-72m5-fvvv-55m6", "reference_id": "GHSA-72m5-fvvv-55m6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-72m5-fvvv-55m6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170364?format=api", "purl": "pkg:deb/debian/bouncycastle@1.61-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.61-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-26939", "GHSA-72m5-fvvv-55m6" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2rxz-qjny-7yhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9830?format=api", "vulnerability_id": "VCID-3xwf-43kt-5yaf", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000340", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60841", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000340" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00#diff-e5934feac8203ca0104ab291a3560a31", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00#diff-e5934feac8203ca0104ab291a3560a31" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181127-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20181127-0004" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000340", "reference_id": "CVE-2016-1000340", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000340" }, { "reference_url": "https://github.com/advisories/GHSA-r97x-3g8f-gx3m", "reference_id": "GHSA-r97x-3g8f-gx3m", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r97x-3g8f-gx3m" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170359?format=api", "purl": "pkg:deb/debian/bouncycastle@1.56-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1000340", "GHSA-r97x-3g8f-gx3m" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3xwf-43kt-5yaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13924?format=api", "vulnerability_id": "VCID-5r4r-ddfk-5fdt", "summary": "Timing based private key exposure in Bouncy Castle\nBouncy Castle BC Java before 1.66, BC C# .NET before 1.8.7, BC-FJA before 1.0.2.1, BC before 1.66, BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multiple deterministic ECDSA signatures.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15522.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15522.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15522", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61913", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15522" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210622-0007", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210622-0007" }, { "reference_url": "https://www.bouncycastle.org/releasenotes.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.bouncycastle.org/releasenotes.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962879", "reference_id": "1962879", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962879" }, { "reference_url": "https://github.com/bcgit/bc-csharp/wiki/CVE-2020-15522", "reference_id": "CVE-2020-15522", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-csharp/wiki/CVE-2020-15522" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE-2020-15522", "reference_id": "CVE-2020-15522", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE-2020-15522" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15522", "reference_id": "CVE-2020-15522", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15522" }, { "reference_url": "https://github.com/advisories/GHSA-6xx3-rg99-gc3p", "reference_id": "GHSA-6xx3-rg99-gc3p", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6xx3-rg99-gc3p" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1401", "reference_id": "RHSA-2021:1401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2755", "reference_id": "RHSA-2021:2755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5134", "reference_id": "RHSA-2021:5134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1013", "reference_id": "RHSA-2022:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1029", "reference_id": "RHSA-2022:1029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1029" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170363?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-15522", "GHSA-6xx3-rg99-gc3p" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5r4r-ddfk-5fdt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10183?format=api", "vulnerability_id": "VCID-6mfj-x6jd-1kdw", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000342", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.64914", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000342" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647#diff-25c3c78db788365f36839b3f2d3016b9", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647#diff-25c3c78db788365f36839b3f2d3016b9" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181127-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20181127-0004" }, { "reference_url": "https://usn.ubuntu.com/3727-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3727-1" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000342", "reference_id": "CVE-2016-1000342", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000342" }, { "reference_url": "https://github.com/advisories/GHSA-qcj7-g2j5-g7r3", "reference_id": "GHSA-qcj7-g2j5-g7r3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qcj7-g2j5-g7r3" }, { "reference_url": "https://usn.ubuntu.com/3727-1/", "reference_id": "USN-3727-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3727-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170359?format=api", "purl": "pkg:deb/debian/bouncycastle@1.56-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1000342", "GHSA-qcj7-g2j5-g7r3" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6mfj-x6jd-1kdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9831?format=api", "vulnerability_id": "VCID-7kmk-zdwb-mfg4", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000352", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00388", "scoring_system": "epss", "scoring_elements": "0.60188", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000352" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181127-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20181127-0004" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000352", "reference_id": "CVE-2016-1000352", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000352" }, { "reference_url": "https://github.com/advisories/GHSA-w285-wf9q-5w69", "reference_id": "GHSA-w285-wf9q-5w69", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w285-wf9q-5w69" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170359?format=api", "purl": "pkg:deb/debian/bouncycastle@1.56-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1000352", "GHSA-w285-wf9q-5w69" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7kmk-zdwb-mfg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/741?format=api", "vulnerability_id": "VCID-7tq8-kvpk-1bd3", "summary": "SSL CBC IV vulnerability", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3389", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.88352", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3389" }, { "reference_url": "https://curl.se/docs/CVE-2011-3389.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2011-3389.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201111-02", "reference_id": "GLSA-201111-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201111-02" }, { "reference_url": "https://security.gentoo.org/glsa/201203-02", "reference_id": "GLSA-201203-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-02" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "https://usn.ubuntu.com/1263-1/", "reference_id": "USN-1263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1263-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170354?format=api", "purl": "pkg:deb/debian/bouncycastle@1.49%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.49%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-3389" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7tq8-kvpk-1bd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10096?format=api", "vulnerability_id": "VCID-8fpq-m9xx-5fe3", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000339", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01119", "scoring_system": "epss", "scoring_elements": "0.78547", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000339" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/413b42f4d770456508585c830cfcde95f9b0e93b", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/413b42f4d770456508585c830cfcde95f9b0e93b" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/413b42f4d770456508585c830cfcde95f9b0e93b#diff-54656f860db94b867ba7542430cd2ef0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/413b42f4d770456508585c830cfcde95f9b0e93b#diff-54656f860db94b867ba7542430cd2ef0" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/8a73f08931450c17c749af067b6a8185abdfd2c0#diff-494fb066bed02aeb76b6c005632943f2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/8a73f08931450c17c749af067b6a8185abdfd2c0#diff-494fb066bed02aeb76b6c005632943f2" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181127-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20181127-0004" }, { "reference_url": "https://usn.ubuntu.com/3727-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3727-1" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000339", "reference_id": "CVE-2016-1000339", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000339" }, { "reference_url": "https://github.com/advisories/GHSA-c8xf-m4ff-jcxj", "reference_id": "GHSA-c8xf-m4ff-jcxj", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c8xf-m4ff-jcxj" }, { "reference_url": "https://usn.ubuntu.com/3727-1/", "reference_id": "USN-3727-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3727-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170359?format=api", "purl": "pkg:deb/debian/bouncycastle@1.56-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1000339", "GHSA-c8xf-m4ff-jcxj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8fpq-m9xx-5fe3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16508?format=api", "vulnerability_id": "VCID-9wja-uk5k-efar", "summary": "Improper Input Validation in Bouncy Castle\nThe TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.", "references": [ { "reference_url": "http://openwall.com/lists/oss-security/2013/02/05/24", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2013/02/05/24" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-0371.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0371.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-0372.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0372.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1624", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.60105", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1624" }, { "reference_url": "http://secunia.com/advisories/57716", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/57716" }, { "reference_url": "http://secunia.com/advisories/57719", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/57719" }, { "reference_url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699885", "reference_id": "699885", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699885" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1624", "reference_id": "CVE-2013-1624", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1624" }, { "reference_url": "https://github.com/advisories/GHSA-8353-fgcr-xfhx", "reference_id": "GHSA-8353-fgcr-xfhx", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-8353-fgcr-xfhx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170355?format=api", "purl": "pkg:deb/debian/bouncycastle@1.48%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.48%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-1624", "GHSA-8353-fgcr-xfhx" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9wja-uk5k-efar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87374?format=api", "vulnerability_id": "VCID-ad6r-2393-aye4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.93538", "scoring_system": "epss", "scoring_elements": "0.99837", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1592", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1592" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1593" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1594", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1594" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", "reference_id": "0101.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "reference_url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7", "reference_id": "1015-security-advisory-7", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7" }, { "reference_url": "http://www.securitytracker.com/id/1031029", "reference_id": "1031029", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031029" }, { "reference_url": "http://www.securitytracker.com/id/1031039", "reference_id": "1031039", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031039" }, { "reference_url": "http://www.securitytracker.com/id/1031085", "reference_id": "1031085", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031085" }, { "reference_url": "http://www.securitytracker.com/id/1031086", "reference_id": "1031086", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031086" }, { "reference_url": "http://www.securitytracker.com/id/1031087", "reference_id": "1031087", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031087" }, { "reference_url": "http://www.securitytracker.com/id/1031088", "reference_id": "1031088", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031088" }, { "reference_url": "http://www.securitytracker.com/id/1031089", "reference_id": "1031089", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031089" }, { "reference_url": "http://www.securitytracker.com/id/1031090", "reference_id": "1031090", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031090" }, { "reference_url": "http://www.securitytracker.com/id/1031091", "reference_id": "1031091", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031091" }, { "reference_url": "http://www.securitytracker.com/id/1031092", "reference_id": "1031092", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031092" }, { "reference_url": "http://www.securitytracker.com/id/1031093", "reference_id": "1031093", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031093" }, { "reference_url": "http://www.securitytracker.com/id/1031094", "reference_id": "1031094", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031094" }, { "reference_url": "http://www.securitytracker.com/id/1031095", "reference_id": "1031095", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031095" }, { "reference_url": "http://www.securitytracker.com/id/1031096", "reference_id": "1031096", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031096" }, { "reference_url": "http://www.securitytracker.com/id/1031105", "reference_id": "1031105", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031105" }, { "reference_url": "http://www.securitytracker.com/id/1031106", "reference_id": "1031106", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031106" }, { "reference_url": "http://www.securitytracker.com/id/1031107", "reference_id": "1031107", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031107" }, { "reference_url": "http://www.securitytracker.com/id/1031120", "reference_id": "1031120", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031120" }, { "reference_url": "http://www.securitytracker.com/id/1031123", "reference_id": "1031123", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031123" }, { "reference_url": "http://www.securitytracker.com/id/1031124", "reference_id": "1031124", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031124" }, { "reference_url": "http://www.securitytracker.com/id/1031130", "reference_id": "1031130", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031130" }, { "reference_url": "http://www.securitytracker.com/id/1031131", "reference_id": "1031131", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031131" }, { "reference_url": "http://www.securitytracker.com/id/1031132", "reference_id": "1031132", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031132" }, { "reference_url": "https://access.redhat.com/articles/1232123", "reference_id": "1232123", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://access.redhat.com/articles/1232123" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html", "reference_id": "141114.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html", "reference_id": "141158.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html", "reference_id": "142330.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html", "reference_id": "169361.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html", "reference_id": "169374.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html" }, { "reference_url": "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html", "reference_id": "2014-10-14-how-poodle-happened.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html" }, { "reference_url": "https://technet.microsoft.com/library/security/3009008.aspx", "reference_id": "3009008.aspx", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://technet.microsoft.com/library/security/3009008.aspx" }, { "reference_url": "http://www.securityfocus.com/archive/1/533746", "reference_id": "533746", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securityfocus.com/archive/1/533746" }, { "reference_url": "http://www.securityfocus.com/archive/1/533747", "reference_id": "533747", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securityfocus.com/archive/1/533747" }, { "reference_url": "http://www.kb.cert.org/vuls/id/577193", "reference_id": "577193", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.kb.cert.org/vuls/id/577193" }, { "reference_url": "http://secunia.com/advisories/59627", "reference_id": "59627", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/59627" }, { "reference_url": "http://secunia.com/advisories/60056", "reference_id": "60056", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/60056" }, { "reference_url": "http://secunia.com/advisories/60206", "reference_id": "60206", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/60206" }, { "reference_url": "http://secunia.com/advisories/60792", "reference_id": "60792", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/60792" }, { "reference_url": "http://secunia.com/advisories/60859", "reference_id": "60859", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/60859" }, { "reference_url": "http://secunia.com/advisories/61019", "reference_id": "61019", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61019" }, { "reference_url": "http://secunia.com/advisories/61130", "reference_id": "61130", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61130" }, { "reference_url": "http://secunia.com/advisories/61303", "reference_id": "61303", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61303" }, { "reference_url": "http://secunia.com/advisories/61316", "reference_id": "61316", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61316" }, { "reference_url": "http://secunia.com/advisories/61345", "reference_id": "61345", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61345" }, { "reference_url": "http://secunia.com/advisories/61359", "reference_id": "61359", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61359" }, { "reference_url": "http://secunia.com/advisories/61782", "reference_id": "61782", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61782" }, { "reference_url": "http://secunia.com/advisories/61810", "reference_id": "61810", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61810" }, { "reference_url": "http://secunia.com/advisories/61819", "reference_id": "61819", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61819" }, { "reference_url": "http://secunia.com/advisories/61825", "reference_id": "61825", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61825" }, { "reference_url": "http://secunia.com/advisories/61827", "reference_id": "61827", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61827" }, { "reference_url": "http://secunia.com/advisories/61926", "reference_id": "61926", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61926" }, { "reference_url": "http://secunia.com/advisories/61995", "reference_id": "61995", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61995" }, { "reference_url": "http://www.securityfocus.com/bid/70574", "reference_id": "70574", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securityfocus.com/bid/70574" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765539", "reference_id": "765539", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765539" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765702", "reference_id": "765702", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765702" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768164", "reference_id": "768164", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768164" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769904", "reference_id": "769904", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769904" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771359", "reference_id": "771359", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771359" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:203", "reference_id": "advisories?name=MDVSA-2014:203", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:203" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", "reference_id": "advisories?name=MDVSA-2015:062", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062" }, { "reference_url": "http://downloads.asterisk.org/pub/security/AST-2014-011.html", "reference_id": "AST-2014-011.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://downloads.asterisk.org/pub/security/AST-2014-011.html" }, { "reference_url": "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html", "reference_id": "attack-of-week-poodle.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html" }, { "reference_url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle", "reference_id": "cisco-sa-20141015-poodle", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle" }, { "reference_url": "http://support.citrix.com/article/CTX200238", "reference_id": "CTX200238", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://support.citrix.com/article/CTX200238" }, { "reference_url": "https://support.citrix.com/article/CTX216642", "reference_id": "CTX216642", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.citrix.com/article/CTX216642" }, { "reference_url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html", "reference_id": "CVE-2014-3566.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html" }, { "reference_url": "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip", "reference_id": "cve-2014-3566-removing-sslv3-from-big-ip", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip" }, { "reference_url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581", "reference_id": "display?docId=emr_na-c04583581", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581" }, { "reference_url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034", "reference_id": "display?docId=emr_na-c04779034", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635", "reference_id": "docDisplay?docId=emr_na-c04819635", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681", "reference_id": "docDisplay?docId=emr_na-c05068681", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667", "reference_id": "docDisplay?docId=emr_na-c05157667", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", "reference_id": "docDisplay?docId=emr_na-c05301946", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946" }, { "reference_url": "https://www.suse.com/support/kb/doc.php?id=7015773", "reference_id": "doc.php?id=7015773", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www.suse.com/support/kb/doc.php?id=7015773" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431", "reference_id": "docview.wss?uid=isg3T1021431", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439", "reference_id": "docview.wss?uid=isg3T1021439", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997", "reference_id": "docview.wss?uid=swg21686997", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172", "reference_id": "docview.wss?uid=swg21687172", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687611", "reference_id": "docview.wss?uid=swg21687611", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687611" }, { "reference_url": "https://www-01.ibm.com/support/docview.wss?uid=swg21688165", "reference_id": "docview.wss?uid=swg21688165", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21688165" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283", "reference_id": "docview.wss?uid=swg21688283", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299", "reference_id": "docview.wss?uid=swg21692299", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3053", "reference_id": "dsa-3053", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.debian.org/security/2014/dsa-3053" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3144", "reference_id": "dsa-3144", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3144" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3147", "reference_id": "dsa-3147", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3147" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3489", "reference_id": "dsa-3489", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.debian.org/security/2016/dsa-3489" }, { "reference_url": "https://security.gentoo.org/glsa/201411-10", "reference_id": "GLSA-201411-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201411-10" }, { "reference_url": "https://security.gentoo.org/glsa/201507-14", "reference_id": "GLSA-201507-14", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://security.gentoo.org/glsa/201507-14" }, { "reference_url": "https://security.gentoo.org/glsa/201606-11", "reference_id": "GLSA-201606-11", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://security.gentoo.org/glsa/201606-11" }, { "reference_url": "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566", "reference_id": "how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566" }, { "reference_url": "http://support.apple.com/HT204244", "reference_id": "HT204244", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://support.apple.com/HT204244" }, { "reference_url": "https://support.apple.com/kb/HT6527", "reference_id": "HT6527", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.apple.com/kb/HT6527" }, { "reference_url": "https://support.apple.com/kb/HT6529", "reference_id": "HT6529", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.apple.com/kb/HT6529" }, { "reference_url": "https://support.apple.com/kb/HT6531", "reference_id": "HT6531", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.apple.com/kb/HT6531" }, { "reference_url": "https://support.apple.com/kb/HT6535", "reference_id": "HT6535", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.apple.com/kb/HT6535" }, { "reference_url": "https://support.apple.com/kb/HT6541", "reference_id": "HT6541", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.apple.com/kb/HT6541" }, { "reference_url": "https://support.apple.com/kb/HT6542", "reference_id": "HT6542", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.apple.com/kb/HT6542" }, { "reference_url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm", "reference_id": "hw-405500.htm", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm" }, { "reference_url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", "reference_id": "ICSMA-18-058-02", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02" }, { "reference_url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", "reference_id": "index?page=content&id=JSA10705", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10090", "reference_id": "index?page=content&id=SB10090", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10090" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10091", "reference_id": "index?page=content&id=SB10091", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10091" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10104", "reference_id": "index?page=content&id=SB10104", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10104" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141450452204552&w=2", "reference_id": "?l=bugtraq&m=141450452204552&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141450452204552&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141450973807288&w=2", "reference_id": "?l=bugtraq&m=141450973807288&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141450973807288&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141477196830952&w=2", "reference_id": "?l=bugtraq&m=141477196830952&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141477196830952&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141576815022399&w=2", "reference_id": "?l=bugtraq&m=141576815022399&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141576815022399&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141577087123040&w=2", "reference_id": "?l=bugtraq&m=141577087123040&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141577087123040&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141577350823734&w=2", "reference_id": "?l=bugtraq&m=141577350823734&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141577350823734&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141620103726640&w=2", "reference_id": "?l=bugtraq&m=141620103726640&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141620103726640&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141628688425177&w=2", "reference_id": "?l=bugtraq&m=141628688425177&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141628688425177&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141694355519663&w=2", "reference_id": "?l=bugtraq&m=141694355519663&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141694355519663&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141697638231025&w=2", "reference_id": "?l=bugtraq&m=141697638231025&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141697638231025&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141697676231104&w=2", "reference_id": "?l=bugtraq&m=141697676231104&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141697676231104&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141703183219781&w=2", "reference_id": "?l=bugtraq&m=141703183219781&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141703183219781&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141715130023061&w=2", "reference_id": "?l=bugtraq&m=141715130023061&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141715130023061&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141775427104070&w=2", "reference_id": "?l=bugtraq&m=141775427104070&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141775427104070&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141813976718456&w=2", "reference_id": "?l=bugtraq&m=141813976718456&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141813976718456&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141814011518700&w=2", "reference_id": "?l=bugtraq&m=141814011518700&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141814011518700&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141879378918327&w=2", "reference_id": "?l=bugtraq&m=141879378918327&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141879378918327&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142103967620673&w=2", "reference_id": "?l=bugtraq&m=142103967620673&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142103967620673&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142118135300698&w=2", "reference_id": "?l=bugtraq&m=142118135300698&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142118135300698&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142296755107581&w=2", "reference_id": "?l=bugtraq&m=142296755107581&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142296755107581&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142350196615714&w=2", "reference_id": "?l=bugtraq&m=142350196615714&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142350196615714&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142350298616097&w=2", "reference_id": "?l=bugtraq&m=142350298616097&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142350298616097&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142350743917559&w=2", "reference_id": "?l=bugtraq&m=142350743917559&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142350743917559&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142354438527235&w=2", "reference_id": "?l=bugtraq&m=142354438527235&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142354438527235&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142357976805598&w=2", "reference_id": "?l=bugtraq&m=142357976805598&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142357976805598&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142495837901899&w=2", "reference_id": "?l=bugtraq&m=142495837901899&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142495837901899&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142496355704097&w=2", "reference_id": "?l=bugtraq&m=142496355704097&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142496355704097&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142546741516006&w=2", "reference_id": "?l=bugtraq&m=142546741516006&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142546741516006&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142607790919348&w=2", "reference_id": "?l=bugtraq&m=142607790919348&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142607790919348&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624590206005&w=2", "reference_id": "?l=bugtraq&m=142624590206005&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142624590206005&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624619906067", "reference_id": "?l=bugtraq&m=142624619906067", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142624619906067" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624619906067&w=2", "reference_id": "?l=bugtraq&m=142624619906067&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142624619906067&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624679706236&w=2", "reference_id": "?l=bugtraq&m=142624679706236&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142624679706236&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624719706349&w=2", "reference_id": "?l=bugtraq&m=142624719706349&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142624719706349&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142721830231196&w=2", "reference_id": "?l=bugtraq&m=142721830231196&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142721830231196&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142721887231400&w=2", "reference_id": "?l=bugtraq&m=142721887231400&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142721887231400&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142740155824959&w=2", "reference_id": "?l=bugtraq&m=142740155824959&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142740155824959&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142791032306609&w=2", "reference_id": "?l=bugtraq&m=142791032306609&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142791032306609&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142804214608580&w=2", "reference_id": "?l=bugtraq&m=142804214608580&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142804214608580&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142805027510172&w=2", "reference_id": "?l=bugtraq&m=142805027510172&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142805027510172&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142962817202793&w=2", "reference_id": "?l=bugtraq&m=142962817202793&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142962817202793&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143039249603103&w=2", "reference_id": "?l=bugtraq&m=143039249603103&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143039249603103&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143101048219218&w=2", "reference_id": "?l=bugtraq&m=143101048219218&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143101048219218&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143290371927178&w=2", "reference_id": "?l=bugtraq&m=143290371927178&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143290371927178&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143290437727362&w=2", "reference_id": "?l=bugtraq&m=143290437727362&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143290437727362&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143290522027658&w=2", "reference_id": "?l=bugtraq&m=143290522027658&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143290522027658&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143290583027876&w=2", "reference_id": "?l=bugtraq&m=143290583027876&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143290583027876&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143558137709884&w=2", "reference_id": "?l=bugtraq&m=143558137709884&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143558137709884&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143558192010071&w=2", "reference_id": "?l=bugtraq&m=143558192010071&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143558192010071&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143628269912142&w=2", "reference_id": "?l=bugtraq&m=143628269912142&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143628269912142&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144101915224472&w=2", "reference_id": "?l=bugtraq&m=144101915224472&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144101915224472&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144251162130364&w=2", "reference_id": "?l=bugtraq&m=144251162130364&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144251162130364&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144294141001552&w=2", "reference_id": "?l=bugtraq&m=144294141001552&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144294141001552&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=145983526810210&w=2", "reference_id": "?l=bugtraq&m=145983526810210&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=145983526810210&w=2" }, { "reference_url": "http://marc.info/?l=openssl-dev&m=141333049205629&w=2", "reference_id": "?l=openssl-dev&m=141333049205629&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=openssl-dev&m=141333049205629&w=2" }, { "reference_url": "http://advisories.mageia.org/MGASA-2014-0416.html", "reference_id": "MGASA-2014-0416.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://advisories.mageia.org/MGASA-2014-0416.html" }, { "reference_url": "http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf", "reference_id": "MOVEitReleaseNotes82.pdf", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html", "reference_id": "msg00002.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html", "reference_id": "msg00021.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html", "reference_id": "msg00024.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html", "reference_id": "msg00026.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html", "reference_id": "msg00027.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html", "reference_id": "msg00027.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html", "reference_id": "msg00033.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html", "reference_id": "msg00036.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html", "reference_id": "msg00066.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html" }, { "reference_url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6", "reference_id": "multiple_vulnerabilities_in_openssl6", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6" }, { "reference_url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc", "reference_id": "NetBSD-SA2014-015.txt.asc", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc" }, { "reference_url": "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/", "reference_id": "node-v0-10-33-stable", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20141015-0001/", "reference_id": "ntap-20141015-0001", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20141015-0001/" }, { "reference_url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc", "reference_id": "openssl_advisory11.asc", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc" }, { "reference_url": "https://support.lenovo.com/product_security/poodle", "reference_id": "poodle", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.lenovo.com/product_security/poodle" }, { "reference_url": "https://support.lenovo.com/us/en/product_security/poodle", "reference_id": "poodle", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.lenovo.com/us/en/product_security/poodle" }, { "reference_url": "https://www.imperialviolet.org/2014/10/14/poodle.html", "reference_id": "poodle.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www.imperialviolet.org/2014/10/14/poodle.html" }, { "reference_url": "https://github.com/mpgn/poodle-PoC", "reference_id": "poodle-PoC", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://github.com/mpgn/poodle-PoC" }, { "reference_url": "https://puppet.com/security/cve/poodle-sslv3-vulnerability", "reference_id": "poodle-sslv3-vulnerability", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://puppet.com/security/cve/poodle-sslv3-vulnerability" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1652.html", "reference_id": "RHSA-2014-1652.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1652.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1653.html", "reference_id": "RHSA-2014-1653.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1653.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1692.html", "reference_id": "RHSA-2014-1692.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1692.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html", "reference_id": "RHSA-2014-1876.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html", "reference_id": "RHSA-2014-1877.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html", "reference_id": "RHSA-2014-1880.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html", "reference_id": "RHSA-2014-1881.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html", "reference_id": "RHSA-2014-1882.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1920.html", "reference_id": "RHSA-2014-1920.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1920.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1948.html", "reference_id": "RHSA-2014-1948.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1948.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html", "reference_id": "RHSA-2015-0068.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html", "reference_id": "RHSA-2015-0079.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html", "reference_id": "RHSA-2015-0080.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html", "reference_id": "RHSA-2015-0085.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html", "reference_id": "RHSA-2015-0086.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html", "reference_id": "RHSA-2015-0264.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html", "reference_id": "RHSA-2015-0698.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1545.html", "reference_id": "RHSA-2015-1545.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1545.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1546.html", "reference_id": "RHSA-2015-1546.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1546.html" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa83", "reference_id": "sa83", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://bto.bluecoat.com/security-advisory/sa83" }, { "reference_url": "https://www.openssl.org/news/secadv_20141015.txt", "reference_id": "secadv_20141015.txt", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www.openssl.org/news/secadv_20141015.txt" }, { "reference_url": "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx", "reference_id": "security-advisory-3009008-released.aspx", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983", "reference_id": "show_bug.cgi?id=1076983", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152789", "reference_id": "show_bug.cgi?id=1152789", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152789" }, { "reference_url": "https://www.openssl.org/~bodo/ssl-poodle.pdf", "reference_id": "ssl-poodle.pdf", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www.openssl.org/~bodo/ssl-poodle.pdf" }, { "reference_url": "http://www.us-cert.gov/ncas/alerts/TA14-290A", "reference_id": "TA14-290A", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.us-cert.gov/ncas/alerts/TA14-290A" }, { "reference_url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/", "reference_id": "the-poodle-attack-and-the-end-of-ssl-3-0", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/" }, { "reference_url": "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html", "reference_id": "this-poodle-bites-exploiting-ssl-30.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/533724/100/0/threaded", "reference_id": "threaded", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securityfocus.com/archive/1/533724/100/0/threaded" }, { "reference_url": "https://usn.ubuntu.com/2486-1/", "reference_id": "USN-2486-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2486-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2486-1", "reference_id": "USN-2486-1", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2486-1" }, { "reference_url": "https://usn.ubuntu.com/2487-1/", "reference_id": "USN-2487-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2487-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2487-1", "reference_id": "USN-2487-1", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2487-1" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html", "reference_id": "VMSA-2015-0003.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html" }, { "reference_url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", "reference_id": "Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170356?format=api", "purl": "pkg:deb/debian/bouncycastle@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3566" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ad6r-2393-aye4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78659?format=api", "vulnerability_id": "VCID-d18g-jefr-d3hs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0169", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00943", "scoring_system": "epss", "scoring_elements": "0.76594", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0169" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699885", "reference_id": "699885", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699885" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699888", "reference_id": "699888", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699888" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699889", "reference_id": "699889", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699889" }, { "reference_url": "https://security.gentoo.org/glsa/201310-10", "reference_id": "GLSA-201310-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-10" }, { "reference_url": "https://security.gentoo.org/glsa/201312-03", "reference_id": "GLSA-201312-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201312-03" }, { "reference_url": "https://security.gentoo.org/glsa/201401-30", "reference_id": "GLSA-201401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-30" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "https://usn.ubuntu.com/1732-1/", "reference_id": "USN-1732-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1732-1/" }, { "reference_url": "https://usn.ubuntu.com/1732-3/", "reference_id": "USN-1732-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1732-3/" }, { "reference_url": "https://usn.ubuntu.com/1735-1/", "reference_id": "USN-1735-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1735-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170355?format=api", "purl": "pkg:deb/debian/bouncycastle@1.48%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.48%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-0169" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d18g-jefr-d3hs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9894?format=api", "vulnerability_id": "VCID-djfj-zrdf-tkbr", "summary": "", "references": [ { "reference_url": "http://git.bouncycastle.org/repositories/bc-java/commit/5cb2f0578e6ec8f0d67e59d05d8c4704d8e05f83", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.bouncycastle.org/repositories/bc-java/commit/5cb2f0578e6ec8f0d67e59d05d8c4704d8e05f83" }, { "reference_url": "http://git.bouncycastle.org/repositories/bc-java/commit/e25e94a046a6934819133886439984e2fecb2b04", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.bouncycastle.org/repositories/bc-java/commit/e25e94a046a6934819133886439984e2fecb2b04" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174915.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174915.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00012.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00012.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2035.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2035.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2036.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2036.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7940", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00972", "scoring_system": "epss", "scoring_elements": "0.76936", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7940" }, { "reference_url": "https://usn.ubuntu.com/3727-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3727-1" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "reference_url": "http://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3417", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2015/dsa-3417" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/10/22/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2015/10/22/7" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/10/22/9", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2015/10/22/9" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "reference_url": "http://www.securityfocus.com/bid/79091", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/79091" }, { "reference_url": "http://www.securitytracker.com/id/1037036", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securitytracker.com/id/1037036" }, { "reference_url": "http://www.securitytracker.com/id/1037046", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securitytracker.com/id/1037046" }, { "reference_url": "http://www.securitytracker.com/id/1037053", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securitytracker.com/id/1037053" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802671", "reference_id": "802671", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802671" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7940", "reference_id": "CVE-2015-7940", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7940" }, { "reference_url": "https://github.com/advisories/GHSA-4mv7-cq75-3qjm", "reference_id": "GHSA-4mv7-cq75-3qjm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4mv7-cq75-3qjm" }, { "reference_url": "https://usn.ubuntu.com/3727-1/", "reference_id": "USN-3727-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3727-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170358?format=api", "purl": "pkg:deb/debian/bouncycastle@1.51-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.51-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-7940", "GHSA-4mv7-cq75-3qjm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-djfj-zrdf-tkbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9753?format=api", "vulnerability_id": "VCID-dpuq-fsdp-b7e3", "summary": "", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00011.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00011.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000613", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05036", "scoring_system": "epss", "scoring_elements": "0.89899", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000613" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223#diff-2c06e2edef41db889ee14899e12bd574", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/" } ], "url": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223#diff-2c06e2edef41db889ee14899e12bd574" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/cc9f91c41be67e88fca4e38f4872418448950fd9", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/cc9f91c41be67e88fca4e38f4872418448950fd9" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6#diff-148a6c098af0199192d6aede960f45dc", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/" } ], "url": "https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6#diff-148a6c098af0199192d6aede960f45dc" }, { "reference_url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/" } ], "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190204-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190204-0003" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000613", "reference_id": "CVE-2018-1000613", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000613" }, { "reference_url": "https://github.com/advisories/GHSA-4446-656p-f54g", "reference_id": "GHSA-4446-656p-f54g", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4446-656p-f54g" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190204-0003/", "reference_id": "ntap-20190204-0003", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190204-0003/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170362?format=api", "purl": "pkg:deb/debian/bouncycastle@1.60-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.60-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-1000613", "GHSA-4446-656p-f54g" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dpuq-fsdp-b7e3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9827?format=api", "vulnerability_id": "VCID-e2bg-nh7r-8qev", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-6644", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.39849", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-6644" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6644", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6644" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/25aca54734b861ef109ac4943c4a5f98c0c1b885", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/25aca54734b861ef109ac4943c4a5f98c0c1b885" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/2d80e6cc6f5b78e159dba3277414e3bfea511dea", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/2d80e6cc6f5b78e159dba3277414e3bfea511dea" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/874bab94a5baf426545948116cabe6f4ae338c20", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/874bab94a5baf426545948116cabe6f4ae338c20" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/9bc10bbaa9620d691c58e2b37f31f0d31ceea61f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/9bc10bbaa9620d691c58e2b37f31f0d31ceea61f" }, { "reference_url": "https://usn.ubuntu.com/3727-1/", "reference_id": "USN-3727-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3727-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170357?format=api", "purl": "pkg:deb/debian/bouncycastle@1.54-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.54-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-6644" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e2bg-nh7r-8qev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9748?format=api", "vulnerability_id": "VCID-eb4y-54mp-akbx", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000343", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01074", "scoring_system": "epss", "scoring_elements": "0.78074", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000343" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/50a53068c094d6cff37659da33c9b4505becd389", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/50a53068c094d6cff37659da33c9b4505becd389" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/50a53068c094d6cff37659da33c9b4505becd389#diff-5578e61500abb2b87b300d3114bdfd7d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/50a53068c094d6cff37659da33c9b4505becd389#diff-5578e61500abb2b87b300d3114bdfd7d" }, { "reference_url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181127-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20181127-0004" }, { "reference_url": "https://usn.ubuntu.com/3727-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3727-1" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000343", "reference_id": "CVE-2016-1000343", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000343" }, { "reference_url": "https://github.com/advisories/GHSA-rrvx-pwf8-p59p", "reference_id": "GHSA-rrvx-pwf8-p59p", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rrvx-pwf8-p59p" }, { "reference_url": "https://usn.ubuntu.com/3727-1/", "reference_id": "USN-3727-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3727-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170359?format=api", "purl": "pkg:deb/debian/bouncycastle@1.56-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1000343", "GHSA-rrvx-pwf8-p59p" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eb4y-54mp-akbx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9832?format=api", "vulnerability_id": "VCID-jkzg-w13z-2yf7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000341", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00802", "scoring_system": "epss", "scoring_elements": "0.74394", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000341" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa#diff-e75226a9ca49217a7276b29242ec59ce", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa#diff-e75226a9ca49217a7276b29242ec59ce" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181127-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20181127-0004" }, { "reference_url": "https://usn.ubuntu.com/3727-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3727-1" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000341", "reference_id": "CVE-2016-1000341", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000341" }, { "reference_url": "https://github.com/advisories/GHSA-r9ch-m4fh-fc7q", "reference_id": "GHSA-r9ch-m4fh-fc7q", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r9ch-m4fh-fc7q" }, { "reference_url": "https://usn.ubuntu.com/3727-1/", "reference_id": "USN-3727-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3727-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170359?format=api", "purl": "pkg:deb/debian/bouncycastle@1.56-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1000341", "GHSA-r9ch-m4fh-fc7q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jkzg-w13z-2yf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9946?format=api", "vulnerability_id": "VCID-jute-2wbt-kkcm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000345", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00802", "scoring_system": "epss", "scoring_elements": "0.74394", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000345" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/21dcb3d9744c83dcf2ff8fcee06dbca7bfa4ef35", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/21dcb3d9744c83dcf2ff8fcee06dbca7bfa4ef35" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/21dcb3d9744c83dcf2ff8fcee06dbca7bfa4ef35#diff-4439ce586bf9a13bfec05c0d113b8098", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/21dcb3d9744c83dcf2ff8fcee06dbca7bfa4ef35#diff-4439ce586bf9a13bfec05c0d113b8098" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181127-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20181127-0004" }, { "reference_url": "https://usn.ubuntu.com/3727-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3727-1" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000345", "reference_id": "CVE-2016-1000345", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000345" }, { "reference_url": "https://github.com/advisories/GHSA-9gp4-qrff-c648", "reference_id": "GHSA-9gp4-qrff-c648", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9gp4-qrff-c648" }, { "reference_url": "https://usn.ubuntu.com/3727-1/", "reference_id": "USN-3727-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3727-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170359?format=api", "purl": "pkg:deb/debian/bouncycastle@1.56-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1000345", "GHSA-9gp4-qrff-c648" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jute-2wbt-kkcm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/336901?format=api", "vulnerability_id": "VCID-kk3t-8nak-3ye7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5598.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5598.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5598", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06656", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5598" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/S:P/AU:Y/U:Red" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/8692e6b2b191fc4aafa32545c7a78bdb9bf110c5", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/S:P/AU:Y/U:Red" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T13:11:48Z/" } ], "url": "https://github.com/bcgit/bc-java/commit/8692e6b2b191fc4aafa32545c7a78bdb9bf110c5" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/94abbd56413dfdac651fd878bc60253871ef5e87", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/S:P/AU:Y/U:Red" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T13:11:48Z/" } ], "url": "https://github.com/bcgit/bc-java/commit/94abbd56413dfdac651fd878bc60253871ef5e87" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE-2026-5598", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/S:P/AU:Y/U:Red" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE-2026-5598" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5598", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/S:P/AU:Y/U:Red" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5598" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134386", "reference_id": "1134386", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134386" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458635", "reference_id": "2458635", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458635" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905598", "reference_id": "CVE%E2%80%902026%E2%80%905598", "reference_type": "", "scores": [ { "value": "8.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/S:P/AU:Y/U:Red" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T13:11:48Z/" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905598" }, { "reference_url": "https://github.com/advisories/GHSA-p93r-85wp-75v3", "reference_id": "GHSA-p93r-85wp-75v3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p93r-85wp-75v3" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12267", "reference_id": "RHSA-2026:12267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12269", "reference_id": "RHSA-2026:12269", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12269" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18054", "reference_id": "RHSA-2026:18054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18055", "reference_id": "RHSA-2026:18055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18059", "reference_id": "RHSA-2026:18059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18059" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170356?format=api", "purl": "pkg:deb/debian/bouncycastle@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-5598", "GHSA-p93r-85wp-75v3" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kk3t-8nak-3ye7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9969?format=api", "vulnerability_id": "VCID-kseg-556y-nfc7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000346", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.77168", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000346" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/1127131c89021612c6eefa26dbe5714c194e7495", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/1127131c89021612c6eefa26dbe5714c194e7495" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/1127131c89021612c6eefa26dbe5714c194e7495#diff-d525a20b8acaed791ae2f0f770eb5937", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/1127131c89021612c6eefa26dbe5714c194e7495#diff-d525a20b8acaed791ae2f0f770eb5937" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181127-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20181127-0004" }, { "reference_url": "https://usn.ubuntu.com/3727-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3727-1" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000346", "reference_id": "CVE-2016-1000346", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000346" }, { "reference_url": "https://github.com/advisories/GHSA-fjqm-246c-mwqg", "reference_id": "GHSA-fjqm-246c-mwqg", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fjqm-246c-mwqg" }, { "reference_url": "https://usn.ubuntu.com/3727-1/", "reference_id": "USN-3727-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3727-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170359?format=api", "purl": "pkg:deb/debian/bouncycastle@1.56-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1000346", "GHSA-fjqm-246c-mwqg" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kseg-556y-nfc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9948?format=api", "vulnerability_id": "VCID-nwye-cs6h-xfa5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000344", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00388", "scoring_system": "epss", "scoring_elements": "0.60188", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000344" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181127-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20181127-0004" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000344", "reference_id": "CVE-2016-1000344", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000344" }, { "reference_url": "https://github.com/advisories/GHSA-2j2x-hx4g-2gf4", "reference_id": "GHSA-2j2x-hx4g-2gf4", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2j2x-hx4g-2gf4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170359?format=api", "purl": "pkg:deb/debian/bouncycastle@1.56-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1000344", "GHSA-2j2x-hx4g-2gf4" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nwye-cs6h-xfa5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10214?format=api", "vulnerability_id": "VCID-q33d-vusa-4yed", "summary": "", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00011.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00011.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-13098", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.68141", "scoring_system": "epss", "scoring_elements": "0.98618", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-13098" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c" }, { "reference_url": "https://robotattack.org", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://robotattack.org" }, { "reference_url": "https://robotattack.org/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://robotattack.org/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20171222-0001", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20171222-0001" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20171222-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20171222-0001/" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4072", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2017/dsa-4072" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "http://www.kb.cert.org/vuls/id/144389", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.kb.cert.org/vuls/id/144389" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884241", "reference_id": "884241", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884241" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13098", "reference_id": "CVE-2017-13098", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13098" }, { "reference_url": "https://github.com/advisories/GHSA-wrwf-pmmj-w989", "reference_id": "GHSA-wrwf-pmmj-w989", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wrwf-pmmj-w989" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170360?format=api", "purl": "pkg:deb/debian/bouncycastle@1.58-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.58-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-13098", "GHSA-wrwf-pmmj-w989" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q33d-vusa-4yed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9708?format=api", "vulnerability_id": "VCID-qzbg-j6u4-t3e2", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000338", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.59819", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000338" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7f#diff-3679f5a9d2b939d0d3ee1601a7774fb0", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7f#diff-3679f5a9d2b939d0d3ee1601a7774fb0" }, { "reference_url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231006-0011", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20231006-0011" }, { "reference_url": "https://usn.ubuntu.com/3727-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3727-1" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000338", "reference_id": "CVE-2016-1000338", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000338" }, { "reference_url": "https://github.com/advisories/GHSA-4vhj-98r6-424h", "reference_id": "GHSA-4vhj-98r6-424h", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4vhj-98r6-424h" }, { "reference_url": "https://usn.ubuntu.com/3727-1/", "reference_id": "USN-3727-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3727-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170359?format=api", "purl": "pkg:deb/debian/bouncycastle@1.56-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1000338", "GHSA-4vhj-98r6-424h" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qzbg-j6u4-t3e2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10033?format=api", "vulnerability_id": "VCID-sgbb-yf8u-vbbm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5382", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35676", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5382" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/81b00861cd5711e85fe8dce2a0e119f684120255", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/81b00861cd5711e85fe8dce2a0e119f684120255" }, { "reference_url": "https://www.bouncycastle.org/releasenotes.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.bouncycastle.org/releasenotes.html" }, { "reference_url": "https://www.kb.cert.org/vuls/id/306792", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.kb.cert.org/vuls/id/306792" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "http://www.securityfocus.com/bid/103453", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/103453" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5382", "reference_id": "CVE-2018-5382", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5382" }, { "reference_url": "https://github.com/advisories/GHSA-8477-3v39-ggpm", "reference_id": "GHSA-8477-3v39-ggpm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8477-3v39-ggpm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170355?format=api", "purl": "pkg:deb/debian/bouncycastle@1.48%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.48%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-5382", "GHSA-8477-3v39-ggpm" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sgbb-yf8u-vbbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3962?format=api", "vulnerability_id": "VCID-tjmb-fqpe-qbdn", "summary": "authentication bypass", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28052.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28052.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28052", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04099", "scoring_system": "epss", "scoring_elements": "0.88777", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28052" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/97578f9b7ed277e6ecb58834e85e3d18385a4219", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/97578f9b7ed277e6ecb58834e85e3d18385a4219" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE-2020-28052", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE-2020-28052" }, { "reference_url": "https://lists.apache.org/thread.html/r167dbc42ef7c59802c2ca1ac14735ef9cf687c25208229993d6206fe@%3Cissues.karaf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r167dbc42ef7c59802c2ca1ac14735ef9cf687c25208229993d6206fe@%3Cissues.karaf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r175f5a25d100dbe2b1bd3459b3ce882a84c3ff91b120ed4ff2d57b53@%3Ccommits.pulsar.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r175f5a25d100dbe2b1bd3459b3ce882a84c3ff91b120ed4ff2d57b53@%3Ccommits.pulsar.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r25d53acd06f29244b8a103781b0339c5e7efee9099a4d52f0c230e4a@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r25d53acd06f29244b8a103781b0339c5e7efee9099a4d52f0c230e4a@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2ddabd06d94b60cfb0141e4abb23201c628ab925e30742f61a04d013@%3Cissues.karaf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r2ddabd06d94b60cfb0141e4abb23201c628ab925e30742f61a04d013@%3Cissues.karaf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r30a139c165b3da6e0d5536434ab1550534011b1fdfcd2f5d95892c5b@%3Cissues.karaf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r30a139c165b3da6e0d5536434ab1550534011b1fdfcd2f5d95892c5b@%3Cissues.karaf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r37d332c0bf772f4982d1fdeeb2f88dd71dab6451213e69e43734eadc@%3Ccommits.pulsar.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r37d332c0bf772f4982d1fdeeb2f88dd71dab6451213e69e43734eadc@%3Ccommits.pulsar.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4e1619cfefcd031fac62064a3858f5c9229eef907bd5d8ef14c594fc@%3Cissues.karaf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r4e1619cfefcd031fac62064a3858f5c9229eef907bd5d8ef14c594fc@%3Cissues.karaf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r77af3ac7c3bfbd5454546e13faf7aec21d627bdcf36c9ca240436b94@%3Cissues.karaf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r77af3ac7c3bfbd5454546e13faf7aec21d627bdcf36c9ca240436b94@%3Cissues.karaf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e@%3Cissues.solr.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e@%3Cissues.solr.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r954d80fd18e9dafef6e813963eb7e08c228151c2b6268ecd63b35d1f@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r954d80fd18e9dafef6e813963eb7e08c228151c2b6268ecd63b35d1f@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc9e441c1576bdc4375d32526d5cf457226928e9c87b9f54ded26271c@%3Cissues.karaf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rc9e441c1576bdc4375d32526d5cf457226928e9c87b9f54ded26271c@%3Cissues.karaf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rcd37d9214b08067a2e8f2b5b4fd123a1f8cb6008698d11ef44028c21@%3Cissues.karaf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rcd37d9214b08067a2e8f2b5b4fd123a1f8cb6008698d11ef44028c21@%3Cissues.karaf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdcbad6d8ce72c79827ed8c635f9a62dd919bb21c94a0b64cab2efc31@%3Cissues.karaf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rdcbad6d8ce72c79827ed8c635f9a62dd919bb21c94a0b64cab2efc31@%3Cissues.karaf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rddd2237b8636a48d573869006ee809262525efb2b6ffa6eff50d2a2d@%3Cjira.kafka.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rddd2237b8636a48d573869006ee809262525efb2b6ffa6eff50d2a2d@%3Cjira.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdfd2901b8b697a3f6e2c9c6ecc688fd90d7f881937affb5144d61d6e@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rdfd2901b8b697a3f6e2c9c6ecc688fd90d7f881937affb5144d61d6e@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf9abfc0223747a56694825c050cc6b66627a293a32ea926b3de22402@%3Cissues.karaf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf9abfc0223747a56694825c050cc6b66627a293a32ea926b3de22402@%3Cissues.karaf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfc0db1f3c375087e69a239f9284ded72d04fbb55849eadde58fa9dc2@%3Cissues.karaf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rfc0db1f3c375087e69a239f9284ded72d04fbb55849eadde58fa9dc2@%3Cissues.karaf.apache.org%3E" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28052", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28052" }, { "reference_url": "https://www.bouncycastle.org/releasenotes.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.bouncycastle.org/releasenotes.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://www.synopsys.com/blogs/software-security/cve-2020-28052-bouncy-castle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.synopsys.com/blogs/software-security/cve-2020-28052-bouncy-castle" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912881", "reference_id": "1912881", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912881" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977683", "reference_id": "977683", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977683" }, { "reference_url": "https://security.archlinux.org/AVG-1372", "reference_id": "AVG-1372", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1372" }, { "reference_url": "https://www.synopsys.com/blogs/software-security/cve-2020-28052-bouncy-castle/", "reference_id": "CVE-2020-28052-BOUNCY-CASTLE", "reference_type": "", "scores": [], "url": "https://www.synopsys.com/blogs/software-security/cve-2020-28052-bouncy-castle/" }, { "reference_url": "https://github.com/advisories/GHSA-73xv-w5gp-frxh", "reference_id": "GHSA-73xv-w5gp-frxh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-73xv-w5gp-frxh" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0872", "reference_id": "RHSA-2021:0872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0873", "reference_id": "RHSA-2021:0873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0874", "reference_id": "RHSA-2021:0874", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0885", "reference_id": "RHSA-2021:0885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0974", "reference_id": "RHSA-2021:0974", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0974" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1401", "reference_id": "RHSA-2021:1401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2210", "reference_id": "RHSA-2021:2210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2755", "reference_id": "RHSA-2021:2755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3205", "reference_id": "RHSA-2021:3205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4767", "reference_id": "RHSA-2021:4767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4767" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170365?format=api", "purl": "pkg:deb/debian/bouncycastle@1.65-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.65-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28052", "GHSA-73xv-w5gp-frxh" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tjmb-fqpe-qbdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52037?format=api", "vulnerability_id": "VCID-utu9-6nd2-b3fh", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-6721", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.75292", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-6721" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://web.archive.org/web/20071022023551/http://www.bouncycastle.org/csharp", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20071022023551/http://www.bouncycastle.org/csharp" }, { "reference_url": "https://web.archive.org/web/20071022023551/http://www.bouncycastle.org/csharp/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://web.archive.org/web/20071022023551/http://www.bouncycastle.org/csharp/" }, { "reference_url": "https://web.archive.org/web/20080316202318/http://www.bouncycastle.org:80/releasenotes.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20080316202318/http://www.bouncycastle.org:80/releasenotes.html" }, { "reference_url": "http://www.bouncycastle.org/devmailarchive/msg08195.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.bouncycastle.org/devmailarchive/msg08195.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-6721", "reference_id": "CVE-2007-6721", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-6721" }, { "reference_url": "https://github.com/advisories/GHSA-m26p-m559-g5j5", "reference_id": "GHSA-m26p-m559-g5j5", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m26p-m559-g5j5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170351?format=api", "purl": "pkg:deb/debian/bouncycastle@1.38-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-6721", "GHSA-m26p-m559-g5j5" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-utu9-6nd2-b3fh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/141450?format=api", "vulnerability_id": "VCID-zb8k-96rt-wkg6", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17359", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03325", "scoring_system": "epss", "scoring_elements": "0.87493", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17359" }, { "reference_url": "https://lists.apache.org/thread.html/r02f887807a49cfd1f1ad53f7a61f3f8e12f60ba2c930bec163031209@%3Ccommits.tomee.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r02f887807a49cfd1f1ad53f7a61f3f8e12f60ba2c930bec163031209@%3Ccommits.tomee.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r16c3a90cb35ae8a9c74fd5c813c16d6ac255709c9f9d71cd409e007d@%3Ccommits.tomee.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r16c3a90cb35ae8a9c74fd5c813c16d6ac255709c9f9d71cd409e007d@%3Ccommits.tomee.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r467ade3fef3493f1fff1a68a256d087874e1f858ad1de7a49fe05d27@%3Ccommits.tomee.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r467ade3fef3493f1fff1a68a256d087874e1f858ad1de7a49fe05d27@%3Ccommits.tomee.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4d475dcaf4f57115fa57d8e06c3823ca398b35468429e7946ebaefdc@%3Ccommits.tomee.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r4d475dcaf4f57115fa57d8e06c3823ca398b35468429e7946ebaefdc@%3Ccommits.tomee.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r79b6a6aa0dd1aeb57bd253d94794bc96f1ec005953c4bd5414cc0db0@%3Ccommits.tomee.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r79b6a6aa0dd1aeb57bd253d94794bc96f1ec005953c4bd5414cc0db0@%3Ccommits.tomee.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8ecb5b76347f84b6e3c693f980dbbead88c25f77b815053c4e6f2c30@%3Ccommits.tomee.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r8ecb5b76347f84b6e3c693f980dbbead88c25f77b815053c4e6f2c30@%3Ccommits.tomee.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r91b07985b1307390a58c5b9707f0b28ef8e9c9e1c86670459f20d601@%3Ccommits.tomee.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r91b07985b1307390a58c5b9707f0b28ef8e9c9e1c86670459f20d601@%3Ccommits.tomee.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re60f980c092ada4bfe236dcfef8b6ca3e8f3b150fc0f51b8cc13d59d@%3Ccommits.tomee.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/re60f980c092ada4bfe236dcfef8b6ca3e8f3b150fc0f51b8cc13d59d@%3Ccommits.tomee.apache.org%3E" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191024-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20191024-0006" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191024-0006/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20191024-0006/" }, { "reference_url": "https://www.bouncycastle.org/latest_releases.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.bouncycastle.org/latest_releases.html" }, { "reference_url": "https://www.bouncycastle.org/releasenotes.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.bouncycastle.org/releasenotes.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17359", "reference_id": "CVE-2019-17359", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17359" }, { "reference_url": "https://github.com/advisories/GHSA-2mh8-gx2m-mr75", "reference_id": "GHSA-2mh8-gx2m-mr75", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2mh8-gx2m-mr75" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/170356?format=api", "purl": "pkg:deb/debian/bouncycastle@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170352?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170350?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7xfh-byzs-tkdp" }, { "vulnerability": "VCID-ehyy-3cqc-rbas" }, { "vulnerability": "VCID-kk3t-8nak-3ye7" }, { "vulnerability": "VCID-p5xq-b7r6-kbg3" }, { "vulnerability": "VCID-sdd6-qqdu-uffb" }, { "vulnerability": "VCID-vkma-tkqz-r7ha" }, { "vulnerability": "VCID-yhfn-dext-5ubb" }, { "vulnerability": "VCID-yp3a-zz4u-hkb3" }, { "vulnerability": "VCID-zuvd-tzgx-wbct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/170353?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kk3t-8nak-3ye7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-17359", "GHSA-2mh8-gx2m-mr75" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zb8k-96rt-wkg6" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }