Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/201223?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "type": "deb", "namespace": "debian", "name": "openssl", "version": "3.5.6-1~deb13u1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "3.6.2-1", "latest_non_vulnerable_version": "3.6.2-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92680?format=api", "vulnerability_id": "VCID-123j-9v1v-tkgy", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0288", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03949", "scoring_system": "epss", "scoring_elements": "0.88547", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0288" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0292", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0292" }, { "reference_url": "https://security.gentoo.org/glsa/201503-11", "reference_id": "GLSA-201503-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-11" }, { "reference_url": "https://usn.ubuntu.com/2537-1/", "reference_id": "USN-2537-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2537-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201275?format=api", "purl": "pkg:deb/debian/openssl@1.0.1k-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1k-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-0288" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-123j-9v1v-tkgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5005?format=api", "vulnerability_id": "VCID-1565-jkfm-6bdz", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2179", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18101", "scoring_system": "epss", "scoring_elements": "0.95295", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2179" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" }, { "reference_url": "https://usn.ubuntu.com/3087-1/", "reference_id": "USN-3087-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3087-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201284?format=api", "purl": "pkg:deb/debian/openssl@1.0.2i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2179" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1565-jkfm-6bdz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5002?format=api", "vulnerability_id": "VCID-1hj7-mbgw-uqg9", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2182", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.28947", "scoring_system": "epss", "scoring_elements": "0.96648", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2182" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:N/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" }, { "reference_url": "https://usn.ubuntu.com/3087-1/", "reference_id": "USN-3087-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3087-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201284?format=api", "purl": "pkg:deb/debian/openssl@1.0.2i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2182" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1hj7-mbgw-uqg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92679?format=api", "vulnerability_id": "VCID-1hq1-21gv-rkah", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0287", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04942", "scoring_system": "epss", "scoring_elements": "0.89793", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0287" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0292", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0292" }, { "reference_url": "https://security.gentoo.org/glsa/201503-11", "reference_id": "GLSA-201503-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-11" }, { "reference_url": "https://usn.ubuntu.com/2537-1/", "reference_id": "USN-2537-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2537-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201275?format=api", "purl": "pkg:deb/debian/openssl@1.0.1k-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1k-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-0287" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1hq1-21gv-rkah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15805?format=api", "vulnerability_id": "VCID-1kax-e29y-2qay", "summary": "Improper Certificate Validation\nThe function `OCSP_basic_verify` verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the response will be positive (meaning a successful verification) even in the case where the response signing certificate fails to verify. It is anticipated that most users of `OCSP_basic_verify` will not use the OCSP_NOCHECKS flag. In this case the `OCSP_basic_verify` function will return a negative value (indicating a fatal error) in the case of a certificate verification failure. The normal expected return value in this case would be 0. This issue also impacts the command line OpenSSL \"ocsp\" application. When verifying an ocsp response with the \"-no_cert_checks\" option the command line application will report that the verification is successful even though it has in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1343", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.40903", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1343" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:12Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/github/advisory-database/issues/405", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/github/advisory-database/issues/405" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2eda98790c5c2741d76d23cc1e74b0dc4f4b391a", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2eda98790c5c2741d76d23cc1e74b0dc4f4b391a" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2022-0027.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2022-0027.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220602-0009", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220602-0009" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220602-0009/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:12Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220602-0009/" }, { "reference_url": "https://www.openssl.org/news/secadv/20220503.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:12Z/" } ], "url": "https://www.openssl.org/news/secadv/20220503.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1343", "reference_id": "CVE-2022-1343", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1343" }, { "reference_url": "https://github.com/advisories/GHSA-mfm6-r9g2-q4r7", "reference_id": "GHSA-mfm6-r9g2-q4r7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mfm6-r9g2-q4r7" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2eda98790c5c2741d76d23cc1e74b0dc4f4b391a", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=2eda98790c5c2741d76d23cc1e74b0dc4f4b391a", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:12Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2eda98790c5c2741d76d23cc1e74b0dc4f4b391a" }, { "reference_url": "https://usn.ubuntu.com/5402-1/", "reference_id": "USN-5402-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5402-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-1343", "GHSA-mfm6-r9g2-q4r7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1kax-e29y-2qay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102969?format=api", "vulnerability_id": "VCID-1m9q-yzrq-rkgm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2107", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.79963", "scoring_system": "epss", "scoring_elements": "0.99132", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2107" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/39768.txt", "reference_id": "CVE-2016-2107", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/39768.txt" }, { "reference_url": "http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html", "reference_id": "CVE-2016-2107", "reference_type": "exploit", "scores": [], "url": "http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html" }, { "reference_url": "https://security.gentoo.org/glsa/201612-16", "reference_id": "GLSA-201612-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-16" }, { "reference_url": "https://usn.ubuntu.com/2959-1/", "reference_id": "USN-2959-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2959-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201282?format=api", "purl": "pkg:deb/debian/openssl@1.0.2h-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2h-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2107" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1m9q-yzrq-rkgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94166?format=api", "vulnerability_id": "VCID-1te5-esdc-gud3", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1790", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09615", "scoring_system": "epss", "scoring_elements": "0.93012", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000" }, { "reference_url": "https://security.gentoo.org/glsa/201506-02", "reference_id": "GLSA-201506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201506-02" }, { "reference_url": "https://usn.ubuntu.com/2639-1/", "reference_id": "USN-2639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2639-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201277?format=api", "purl": "pkg:deb/debian/openssl@1.0.2b-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2b-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-1790" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1te5-esdc-gud3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74408?format=api", "vulnerability_id": "VCID-1vgc-nps6-j3h2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1165", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03102", "scoring_system": "epss", "scoring_elements": "0.87036", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1165" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=663642", "reference_id": "663642", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=663642" }, { "reference_url": "https://security.gentoo.org/glsa/201312-03", "reference_id": "GLSA-201312-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201312-03" }, { "reference_url": "https://usn.ubuntu.com/1424-1/", "reference_id": "USN-1424-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1424-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201236?format=api", "purl": "pkg:deb/debian/openssl@1.0.0h-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0h-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-1165" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1vgc-nps6-j3h2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16822?format=api", "vulnerability_id": "VCID-1y34-563n-83b3", "summary": "Timing based side channel\nA timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4304.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4304.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4304", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00224", "scoring_system": "epss", "scoring_elements": "0.4515", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4304" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html" }, { "reference_url": "https://security.gentoo.org/glsa/202402-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:19Z/" } ], "url": "https://security.gentoo.org/glsa/202402-08" }, { "reference_url": "https://www.openssl.org/news/secadv/20230207.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:19Z/" } ], "url": "https://www.openssl.org/news/secadv/20230207.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487", "reference_id": "2164487", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304", "reference_id": "CVE-2022-4304", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0946", "reference_id": "RHSA-2023:0946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1199", "reference_id": "RHSA-2023:1199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1405", "reference_id": "RHSA-2023:1405", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1405" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2165", "reference_id": "RHSA-2023:2165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2932", "reference_id": "RHSA-2023:2932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3408", "reference_id": "RHSA-2023:3408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3420", "reference_id": "RHSA-2023:3420", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3421", "reference_id": "RHSA-2023:3421", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3421" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4128", "reference_id": "RHSA-2023:4128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4128" }, { "reference_url": "https://usn.ubuntu.com/5844-1/", "reference_id": "USN-5844-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5844-1/" }, { "reference_url": "https://usn.ubuntu.com/6564-1/", "reference_id": "USN-6564-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6564-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201314?format=api", "purl": "pkg:deb/debian/openssl@1.1.1n-0%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201318?format=api", "purl": "pkg:deb/debian/openssl@3.0.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-4304", "GHSA-p52g-cm5j-mjv4" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1y34-563n-83b3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92628?format=api", "vulnerability_id": "VCID-26wn-ud2c-eycu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0204", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.91945", "scoring_system": "epss", "scoring_elements": "0.99711", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0204" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201503-11", "reference_id": "GLSA-201503-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-11" }, { "reference_url": "https://usn.ubuntu.com/2459-1/", "reference_id": "USN-2459-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2459-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201274?format=api", "purl": "pkg:deb/debian/openssl@1.0.1k-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1k-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-0204" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-26wn-ud2c-eycu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/314063?format=api", "vulnerability_id": "VCID-2e7a-p1jj-93eu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68160.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68160.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-68160", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.13174", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-68160" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://openssl-library.org/news/secadv/20260127.txt", "reference_id": "20260127.txt", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:04:54Z/" } ], "url": "https://openssl-library.org/news/secadv/20260127.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "reference_id": "2430380", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430380" }, { "reference_url": "https://github.com/openssl/openssl/commit/384011202af92605d926fafe4a0bcd6b65d162ad", "reference_id": "384011202af92605d926fafe4a0bcd6b65d162ad", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:04:54Z/" } ], "url": "https://github.com/openssl/openssl/commit/384011202af92605d926fafe4a0bcd6b65d162ad" }, { "reference_url": "https://github.com/openssl/openssl/commit/475c466ef2fbd8fc1df6fae1c3eed9c813fc8ff6", "reference_id": "475c466ef2fbd8fc1df6fae1c3eed9c813fc8ff6", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:04:54Z/" } ], "url": "https://github.com/openssl/openssl/commit/475c466ef2fbd8fc1df6fae1c3eed9c813fc8ff6" }, { "reference_url": "https://github.com/openssl/openssl/commit/4c96fbba618e1940f038012506ee9e21d32ee12c", "reference_id": "4c96fbba618e1940f038012506ee9e21d32ee12c", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:04:54Z/" } ], "url": "https://github.com/openssl/openssl/commit/4c96fbba618e1940f038012506ee9e21d32ee12c" }, { "reference_url": "https://github.com/openssl/openssl/commit/6845c3b6460a98b1ec4e463baa2ea1a63a32d7c0", "reference_id": "6845c3b6460a98b1ec4e463baa2ea1a63a32d7c0", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:04:54Z/" } ], "url": "https://github.com/openssl/openssl/commit/6845c3b6460a98b1ec4e463baa2ea1a63a32d7c0" }, { "reference_url": "https://github.com/openssl/openssl/commit/68a7cd2e2816c3a02f4d45a2ce43fc04fac97096", "reference_id": "68a7cd2e2816c3a02f4d45a2ce43fc04fac97096", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:04:54Z/" } ], "url": "https://github.com/openssl/openssl/commit/68a7cd2e2816c3a02f4d45a2ce43fc04fac97096" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1472", "reference_id": "RHSA-2026:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1473", "reference_id": "RHSA-2026:1473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1736", "reference_id": "RHSA-2026:1736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2485", "reference_id": "RHSA-2026:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2563", "reference_id": "RHSA-2026:2563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3228", "reference_id": "RHSA-2026:3228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/7980-1/", "reference_id": "USN-7980-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7980-1/" }, { "reference_url": "https://usn.ubuntu.com/7980-2/", "reference_id": "USN-7980-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7980-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201344?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201341?format=api", "purl": "pkg:deb/debian/openssl@3.0.18-1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201340?format=api", "purl": "pkg:deb/debian/openssl@3.5.4-1~deb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1~deb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201339?format=api", "purl": "pkg:deb/debian/openssl@3.5.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-68160" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2e7a-p1jj-93eu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/106087?format=api", "vulnerability_id": "VCID-2fcy-x5vc-p3g8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6305", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.2493", "scoring_system": "epss", "scoring_elements": "0.96258", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6305" }, { "reference_url": "https://security.gentoo.org/glsa/201612-16", "reference_id": "GLSA-201612-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-16" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-6305" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2fcy-x5vc-p3g8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98620?format=api", "vulnerability_id": "VCID-2fh5-2uft-pkc2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7575", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0107", "scoring_system": "epss", "scoring_elements": "0.78035", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7575" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-46", "reference_id": "GLSA-201701-46", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-46" }, { "reference_url": "https://security.gentoo.org/glsa/201706-18", "reference_id": "GLSA-201706-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-18" }, { "reference_url": "https://security.gentoo.org/glsa/201801-15", "reference_id": "GLSA-201801-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201801-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-150", "reference_id": "mfsa2015-150", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-150" }, { "reference_url": "https://usn.ubuntu.com/2863-1/", "reference_id": "USN-2863-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2863-1/" }, { "reference_url": "https://usn.ubuntu.com/2864-1/", "reference_id": "USN-2864-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2864-1/" }, { "reference_url": "https://usn.ubuntu.com/2865-1/", "reference_id": "USN-2865-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2865-1/" }, { "reference_url": "https://usn.ubuntu.com/2866-1/", "reference_id": "USN-2866-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2866-1/" }, { "reference_url": "https://usn.ubuntu.com/2884-1/", "reference_id": "USN-2884-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2884-1/" }, { "reference_url": "https://usn.ubuntu.com/2904-1/", "reference_id": "USN-2904-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2904-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201268?format=api", "purl": "pkg:deb/debian/openssl@1.0.1f-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1f-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-7575" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2fh5-2uft-pkc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65167?format=api", "vulnerability_id": "VCID-2gvf-zs1a-9ufq", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1378", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45694", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1378" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-1378" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2gvf-zs1a-9ufq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77388?format=api", "vulnerability_id": "VCID-2jz2-jaby-bqha", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4929", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08487", "scoring_system": "epss", "scoring_elements": "0.92494", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689936", "reference_id": "689936", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689936" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700399", "reference_id": "700399", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700399" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700426", "reference_id": "700426", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700426" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727197", "reference_id": "727197", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727197" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728055", "reference_id": "728055", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728055" }, { "reference_url": "https://security.gentoo.org/glsa/201309-12", "reference_id": "GLSA-201309-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-12" }, { "reference_url": "https://usn.ubuntu.com/1627-1/", "reference_id": "USN-1627-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1627-1/" }, { "reference_url": "https://usn.ubuntu.com/1628-1/", "reference_id": "USN-1628-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1628-1/" }, { "reference_url": "https://usn.ubuntu.com/1898-1/", "reference_id": "USN-1898-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1898-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201267?format=api", "purl": "pkg:deb/debian/openssl@1.0.1e-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1e-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-4929" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2jz2-jaby-bqha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6217?format=api", "vulnerability_id": "VCID-2qez-fd3e-qba3", "summary": "information disclosure", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3737", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.42931", "scoring_system": "epss", "scoring_elements": "0.97548", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3737" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:C/I:N/A:N" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/AVG-548", "reference_id": "AVG-548", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-548" }, { "reference_url": "https://security.archlinux.org/AVG-549", "reference_id": "AVG-549", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-549" }, { "reference_url": "https://security.gentoo.org/glsa/201712-03", "reference_id": "GLSA-201712-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201712-03" }, { "reference_url": "https://usn.ubuntu.com/3512-1/", "reference_id": "USN-3512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201240?format=api", "purl": "pkg:deb/debian/openssl@1.1.0b-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0b-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-3737" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2qez-fd3e-qba3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72394?format=api", "vulnerability_id": "VCID-2rah-4pxy-vfg2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4109", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02648", "scoring_system": "epss", "scoring_elements": "0.8601", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4109" }, { "reference_url": "https://security.gentoo.org/glsa/201203-12", "reference_id": "GLSA-201203-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-12" }, { "reference_url": "https://usn.ubuntu.com/1357-1/", "reference_id": "USN-1357-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1357-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201260?format=api", "purl": "pkg:deb/debian/openssl@1.0.0c-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0c-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-4109" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2rah-4pxy-vfg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87379?format=api", "vulnerability_id": "VCID-2zx3-4ekm-vqf6", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3571", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.31582", "scoring_system": "epss", "scoring_elements": "0.96874", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3571" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206" }, { "reference_url": "https://usn.ubuntu.com/2459-1/", "reference_id": "USN-2459-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2459-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201274?format=api", "purl": "pkg:deb/debian/openssl@1.0.1k-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1k-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3571" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2zx3-4ekm-vqf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60293?format=api", "vulnerability_id": "VCID-32ar-4vc2-9ued", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1378", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13245", "scoring_system": "epss", "scoring_elements": "0.94267", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1378" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530400", "reference_id": "530400", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530400" }, { "reference_url": "https://security.gentoo.org/glsa/200912-01", "reference_id": "GLSA-200912-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200912-01" }, { "reference_url": "https://usn.ubuntu.com/792-1/", "reference_id": "USN-792-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/792-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201244?format=api", "purl": "pkg:deb/debian/openssl@0.9.8k-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8k-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-1378" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-32ar-4vc2-9ued" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/26098?format=api", "vulnerability_id": "VCID-389t-16f2-dybw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2000-1254", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0068", "scoring_system": "epss", "scoring_elements": "0.71928", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2000-1254" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201220?format=api", "purl": "pkg:deb/debian/openssl@0.9.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2000-1254" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-389t-16f2-dybw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/315014?format=api", "vulnerability_id": "VCID-3fzu-b8xk-gfa7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69420.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69420.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-69420", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01131", "scoring_system": "epss", "scoring_elements": "0.78639", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-69420" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://openssl-library.org/news/secadv/20260127.txt", "reference_id": "20260127.txt", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T19:33:06Z/" } ], "url": "https://openssl-library.org/news/secadv/20260127.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "reference_id": "2430388", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430388" }, { "reference_url": "https://github.com/openssl/openssl/commit/27c7012c91cc986a598d7540f3079dfde2416eb9", "reference_id": "27c7012c91cc986a598d7540f3079dfde2416eb9", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T19:33:06Z/" } ], "url": "https://github.com/openssl/openssl/commit/27c7012c91cc986a598d7540f3079dfde2416eb9" }, { "reference_url": "https://github.com/openssl/openssl/commit/4e254b48ad93cc092be3dd62d97015f33f73133a", "reference_id": "4e254b48ad93cc092be3dd62d97015f33f73133a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T19:33:06Z/" } ], "url": "https://github.com/openssl/openssl/commit/4e254b48ad93cc092be3dd62d97015f33f73133a" }, { "reference_url": "https://github.com/openssl/openssl/commit/564fd9c73787f25693bf9e75faf7bf6bb1305d4e", "reference_id": "564fd9c73787f25693bf9e75faf7bf6bb1305d4e", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T19:33:06Z/" } ], "url": "https://github.com/openssl/openssl/commit/564fd9c73787f25693bf9e75faf7bf6bb1305d4e" }, { "reference_url": "https://github.com/openssl/openssl/commit/5eb0770ffcf11b785cf374ff3c19196245e54f1b", "reference_id": "5eb0770ffcf11b785cf374ff3c19196245e54f1b", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T19:33:06Z/" } ], "url": "https://github.com/openssl/openssl/commit/5eb0770ffcf11b785cf374ff3c19196245e54f1b" }, { "reference_url": "https://github.com/openssl/openssl/commit/a99349ebfc519999edc50620abe24d599b9eb085", "reference_id": "a99349ebfc519999edc50620abe24d599b9eb085", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T19:33:06Z/" } ], "url": "https://github.com/openssl/openssl/commit/a99349ebfc519999edc50620abe24d599b9eb085" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1472", "reference_id": "RHSA-2026:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1473", "reference_id": "RHSA-2026:1473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1736", "reference_id": "RHSA-2026:1736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2485", "reference_id": "RHSA-2026:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2563", "reference_id": "RHSA-2026:2563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3228", "reference_id": "RHSA-2026:3228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/7980-1/", "reference_id": "USN-7980-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7980-1/" }, { "reference_url": "https://usn.ubuntu.com/7980-2/", "reference_id": "USN-7980-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7980-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201344?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201341?format=api", "purl": "pkg:deb/debian/openssl@3.0.18-1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201340?format=api", "purl": "pkg:deb/debian/openssl@3.5.4-1~deb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1~deb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201339?format=api", "purl": "pkg:deb/debian/openssl@3.5.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-69420" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3fzu-b8xk-gfa7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32350?format=api", "vulnerability_id": "VCID-3p9e-9w8m-4fa2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0975", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22995", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0975" }, { "reference_url": "https://usn.ubuntu.com/24-1/", "reference_id": "USN-24-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/24-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201231?format=api", "purl": "pkg:deb/debian/openssl@0.9.7e-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.7e-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-0975" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3p9e-9w8m-4fa2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/121703?format=api", "vulnerability_id": "VCID-3r1u-3czy-vqh1", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0733", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02235", "scoring_system": "epss", "scoring_elements": "0.8482", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0733" }, { "reference_url": "https://security.gentoo.org/glsa/201811-21", "reference_id": "GLSA-201811-21", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-21" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201291?format=api", "purl": "pkg:deb/debian/openssl@1.1.0h-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0h-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-0733" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3r1u-3czy-vqh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73351?format=api", "vulnerability_id": "VCID-3shu-vm8r-duc3", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0050", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03261", "scoring_system": "epss", "scoring_elements": "0.87369", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0050" }, { "reference_url": "https://security.gentoo.org/glsa/201203-12", "reference_id": "GLSA-201203-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-12" }, { "reference_url": "https://usn.ubuntu.com/1357-1/", "reference_id": "USN-1357-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1357-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201263?format=api", "purl": "pkg:deb/debian/openssl@1.0.0g-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0g-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-0050" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3shu-vm8r-duc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/196447?format=api", "vulnerability_id": "VCID-3t6w-ry5b-a7dz", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2274", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.39689", "scoring_system": "epss", "scoring_elements": "0.97382", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2274" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/openssl/openssl/issues/18625", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openssl/openssl/issues/18625" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4d8a88c134df634ba610ff8db1eb8478ac5fd345", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4d8a88c134df634ba610ff8db1eb8478ac5fd345" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2022-0033.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2022-0033.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220715-0010", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220715-0010" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220715-0010/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20220715-0010/" }, { "reference_url": "https://www.openssl.org/news/secadv/20220705.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.openssl.org/news/secadv/20220705.txt" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013441", "reference_id": "1013441", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013441" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2274", "reference_id": "CVE-2022-2274", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2274" }, { "reference_url": "https://github.com/advisories/GHSA-735f-pg76-fxc4", "reference_id": "GHSA-735f-pg76-fxc4", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-735f-pg76-fxc4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201315?format=api", "purl": "pkg:deb/debian/openssl@3.0.4-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.4-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-2274", "GHSA-735f-pg76-fxc4" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3t6w-ry5b-a7dz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45664?format=api", "vulnerability_id": "VCID-3txg-4xka-ebbz", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-7250", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01998", "scoring_system": "epss", "scoring_elements": "0.83946", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-7250" }, { "reference_url": "https://security.gentoo.org/glsa/201312-03", "reference_id": "GLSA-201312-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201312-03" }, { "reference_url": "https://usn.ubuntu.com/1424-1/", "reference_id": "USN-1424-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1424-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201236?format=api", "purl": "pkg:deb/debian/openssl@1.0.0h-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0h-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-7250" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3txg-4xka-ebbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87342?format=api", "vulnerability_id": "VCID-3vtc-jmev-a7b4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3510", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14798", "scoring_system": "epss", "scoring_elements": "0.94616", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3510" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139" }, { "reference_url": "https://security.gentoo.org/glsa/201412-39", "reference_id": "GLSA-201412-39", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-39" }, { "reference_url": "https://usn.ubuntu.com/2308-1/", "reference_id": "USN-2308-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2308-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201272?format=api", "purl": "pkg:deb/debian/openssl@1.0.1i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3510" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3vtc-jmev-a7b4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87345?format=api", "vulnerability_id": "VCID-44dr-94gm-huh6", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3513", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.35743", "scoring_system": "epss", "scoring_elements": "0.97155", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3513" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201412-39", "reference_id": "GLSA-201412-39", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-39" }, { "reference_url": "https://usn.ubuntu.com/2385-1/", "reference_id": "USN-2385-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2385-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201273?format=api", "purl": "pkg:deb/debian/openssl@1.0.1j-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1j-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3513" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-44dr-94gm-huh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72673?format=api", "vulnerability_id": "VCID-4cxt-664h-yba8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4576", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.778", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4576" }, { "reference_url": "https://security.gentoo.org/glsa/201203-12", "reference_id": "GLSA-201203-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-12" }, { "reference_url": "https://usn.ubuntu.com/1357-1/", "reference_id": "USN-1357-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1357-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201259?format=api", "purl": "pkg:deb/debian/openssl@1.0.0f-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0f-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-4576" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4cxt-664h-yba8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143295?format=api", "vulnerability_id": "VCID-4dku-z4cm-t7hg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1549", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03048", "scoring_system": "epss", "scoring_elements": "0.8692", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1549" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://usn.ubuntu.com/4376-1/", "reference_id": "USN-4376-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4376-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201297?format=api", "purl": "pkg:deb/debian/openssl@1.1.1d-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1d-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-1549" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4dku-z4cm-t7hg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3413?format=api", "vulnerability_id": "VCID-4dsd-gb34-tbfb", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3711", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02544", "scoring_system": "epss", "scoring_elements": "0.85729", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3711" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=59f5e75f3bced8fc0e130d72a3f582cf7b480b46" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46" }, { "reference_url": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2021-0097.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2021-0097.html" }, { "reference_url": "https://security.gentoo.org/glsa/202209-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202209-02" }, { "reference_url": "https://security.gentoo.org/glsa/202210-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202210-02" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210827-0010", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210827-0010" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211022-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20211022-0003" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4963", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2021/dsa-4963" }, { "reference_url": "https://www.openssl.org/news/secadv/20210824.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.openssl.org/news/secadv/20210824.txt" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://www.tenable.com/security/tns-2021-16", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2021-16" }, { "reference_url": "https://www.tenable.com/security/tns-2022-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2022-02" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/08/26/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2021/08/26/2" }, { "reference_url": "https://security.archlinux.org/AVG-2315", "reference_id": "AVG-2315", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2315" }, { "reference_url": "https://security.archlinux.org/AVG-2316", "reference_id": "AVG-2316", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2316" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", "reference_id": "CVE-2021-3711", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711" }, { "reference_url": "https://github.com/advisories/GHSA-5ww6-px42-wc85", "reference_id": "GHSA-5ww6-px42-wc85", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5ww6-px42-wc85" }, { "reference_url": "https://usn.ubuntu.com/5051-1/", "reference_id": "USN-5051-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5051-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201305?format=api", "purl": "pkg:deb/debian/openssl@1.1.1k-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1k-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201304?format=api", "purl": "pkg:deb/debian/openssl@1.1.1l-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1l-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-3711", "GHSA-5ww6-px42-wc85" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4dsd-gb34-tbfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18080?format=api", "vulnerability_id": "VCID-4rjp-y9w5-sfak", "summary": "Improper Authentication\nIssue summary: The AES-SIV cipher implementation contains a bug that causes\nit to ignore empty associated data entries which are unauthenticated as\na consequence.\n\nImpact summary: Applications that use the AES-SIV algorithm and want to\nauthenticate empty data entries as associated data can be mislead by removing\nadding or reordering such empty entries as these are ignored by the OpenSSL\nimplementation. We are currently unaware of any such applications.\n\nThe AES-SIV algorithm allows for authentication of multiple associated\ndata entries along with the encryption. To authenticate empty data the\napplication has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with\nNULL pointer as the output buffer and 0 as the input buffer length.\nThe AES-SIV implementation in OpenSSL just returns success for such a call\ninstead of performing the associated data authentication operation.\nThe empty data thus will not be authenticated.\n\nAs this issue does not affect non-empty associated data authentication and\nwe expect it to be rare for an application to use empty associated data\nentries this is qualified as Low severity issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2975.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2975.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2975", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41736", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2975" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=00e2f5eea29994d19293ec4e8c8775ba73678598", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:23Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=00e2f5eea29994d19293ec4e8c8775ba73678598" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a83f0c958811f07e0d11dfc6b5a6a98edfd5bdc", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:23Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a83f0c958811f07e0d11dfc6b5a6a98edfd5bdc" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230725-0004/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20230725-0004/" }, { "reference_url": "https://www.openssl.org/news/secadv/20230714.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:23Z/" } ], "url": "https://www.openssl.org/news/secadv/20230714.txt" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/07/15/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2023/07/15/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/07/19/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2023/07/19/5" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041818", "reference_id": "1041818", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041818" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223016", "reference_id": "2223016", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223016" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2975", "reference_id": "CVE-2023-2975", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2975" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2447", "reference_id": "RHSA-2024:2447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2447" }, { "reference_url": "https://usn.ubuntu.com/6450-1/", "reference_id": "USN-6450-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6450-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201321?format=api", "purl": "pkg:deb/debian/openssl@3.0.10-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.10-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201322?format=api", "purl": "pkg:deb/debian/openssl@3.0.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.10-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-2975" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4rjp-y9w5-sfak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75195?format=api", "vulnerability_id": "VCID-4sxh-2b9r-17hb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2110", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08744", "scoring_system": "epss", "scoring_elements": "0.92633", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2110" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/18756.txt", "reference_id": "CVE-2012-2131;OSVDB-81223;CVE-2012-2110", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/18756.txt" }, { "reference_url": "https://security.gentoo.org/glsa/201312-03", "reference_id": "GLSA-201312-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201312-03" }, { "reference_url": "https://usn.ubuntu.com/1424-1/", "reference_id": "USN-1424-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1424-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201264?format=api", "purl": "pkg:deb/debian/openssl@1.0.1a-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1a-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-2110" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4sxh-2b9r-17hb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/157470?format=api", "vulnerability_id": "VCID-4uv1-986c-vff2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1968", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77744", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1968" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.openssl.org/news/secadv/20200909.txt", "reference_id": "20200909.txt", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:10:30Z/" } ], "url": "https://www.openssl.org/news/secadv/20200909.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1968", "reference_id": "CVE-2020-1968", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1968" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00016.html", "reference_id": "msg00016.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:10:30Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00016.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200911-0004/", "reference_id": "ntap-20200911-0004", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:10:30Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20200911-0004/" }, { "reference_url": "https://usn.ubuntu.com/4504-1/", "reference_id": "USN-4504-1", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:10:30Z/" } ], "url": "https://usn.ubuntu.com/4504-1/" }, { "reference_url": "https://usn.ubuntu.com/7018-1/", "reference_id": "USN-7018-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7018-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201286?format=api", "purl": "pkg:deb/debian/openssl@1.1.0c-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0c-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-1968" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4uv1-986c-vff2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6216?format=api", "vulnerability_id": "VCID-57bj-4bua-43b1", "summary": "private key recovery", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3738", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15507", "scoring_system": "epss", "scoring_elements": "0.94782", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3738" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:C/I:N/A:N" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201804-2", "reference_id": "ASA-201804-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201804-2" }, { "reference_url": "https://security.archlinux.org/ASA-201804-6", "reference_id": "ASA-201804-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201804-6" }, { "reference_url": "https://security.archlinux.org/AVG-540", "reference_id": "AVG-540", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-540" }, { "reference_url": "https://security.archlinux.org/AVG-551", "reference_id": "AVG-551", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-551" }, { "reference_url": "https://security.gentoo.org/glsa/201712-03", "reference_id": "GLSA-201712-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201712-03" }, { "reference_url": "https://usn.ubuntu.com/3512-1/", "reference_id": "USN-3512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201291?format=api", "purl": "pkg:deb/debian/openssl@1.1.0h-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0h-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-3738" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-57bj-4bua-43b1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65398?format=api", "vulnerability_id": "VCID-58uh-6u88-ebbr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1633", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00779", "scoring_system": "epss", "scoring_elements": "0.73968", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1633" }, { "reference_url": "https://security.gentoo.org/glsa/201110-01", "reference_id": "GLSA-201110-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-1633" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-58uh-6u88-ebbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143298?format=api", "vulnerability_id": "VCID-59g4-c8qk-jqbz", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1559", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0496", "scoring_system": "epss", "scoring_elements": "0.8982", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1559" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201903-10", "reference_id": "GLSA-201903-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201903-10" }, { "reference_url": "https://usn.ubuntu.com/3899-1/", "reference_id": "USN-3899-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3899-1/" }, { "reference_url": "https://usn.ubuntu.com/4376-2/", "reference_id": "USN-4376-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4376-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201240?format=api", "purl": "pkg:deb/debian/openssl@1.1.0b-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0b-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-1559" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-59g4-c8qk-jqbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/318507?format=api", "vulnerability_id": "VCID-5cpy-4cch-uqhe", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9230.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9230.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9230", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11486", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9230" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://openssl-library.org/news/secadv/20250930.txt", "reference_id": "20250930.txt", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/" } ], "url": "https://openssl-library.org/news/secadv/20250930.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054", "reference_id": "2396054", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054" }, { "reference_url": "https://github.com/openssl/openssl/commit/5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45", "reference_id": "5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/" } ], "url": "https://github.com/openssl/openssl/commit/5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45" }, { "reference_url": "https://github.com/openssl/openssl/commit/9e91358f365dee6c446dcdcdb01c04d2743fd280", "reference_id": "9e91358f365dee6c446dcdcdb01c04d2743fd280", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/" } ], "url": "https://github.com/openssl/openssl/commit/9e91358f365dee6c446dcdcdb01c04d2743fd280" }, { "reference_url": "https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def", "reference_id": "a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/" } ], "url": "https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def" }, { "reference_url": "https://github.com/openssl/openssl/commit/b5282d677551afda7d20e9c00e09561b547b2dfd", "reference_id": "b5282d677551afda7d20e9c00e09561b547b2dfd", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/" } ], "url": "https://github.com/openssl/openssl/commit/b5282d677551afda7d20e9c00e09561b547b2dfd" }, { "reference_url": "https://github.com/openssl/openssl/commit/bae259a211ada6315dc50900686daaaaaa55f482", "reference_id": "bae259a211ada6315dc50900686daaaaaa55f482", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/" } ], "url": "https://github.com/openssl/openssl/commit/bae259a211ada6315dc50900686daaaaaa55f482" }, { "reference_url": "https://github.openssl.org/openssl/extended-releases/commit/c2b96348bfa662f25f4fabf81958ae822063dae3", "reference_id": "c2b96348bfa662f25f4fabf81958ae822063dae3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/" } ], "url": "https://github.openssl.org/openssl/extended-releases/commit/c2b96348bfa662f25f4fabf81958ae822063dae3" }, { "reference_url": "https://github.openssl.org/openssl/extended-releases/commit/dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba", "reference_id": "dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/" } ], "url": "https://github.openssl.org/openssl/extended-releases/commit/dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21174", "reference_id": "RHSA-2025:21174", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21174" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21248", "reference_id": "RHSA-2025:21248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21255", "reference_id": "RHSA-2025:21255", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21255" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21562", "reference_id": "RHSA-2025:21562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21562" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21994", "reference_id": "RHSA-2025:21994", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21994" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22428", "reference_id": "RHSA-2025:22428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22529", "reference_id": "RHSA-2025:22529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22548", "reference_id": "RHSA-2025:22548", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22548" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22794", "reference_id": "RHSA-2025:22794", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22794" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22868", "reference_id": "RHSA-2025:22868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23078", "reference_id": "RHSA-2025:23078", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23078" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23079", "reference_id": "RHSA-2025:23079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23080", "reference_id": "RHSA-2025:23080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23202", "reference_id": "RHSA-2025:23202", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23202" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23204", "reference_id": "RHSA-2025:23204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23205", "reference_id": "RHSA-2025:23205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23209", "reference_id": "RHSA-2025:23209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23449", "reference_id": "RHSA-2025:23449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0332", "reference_id": "RHSA-2026:0332", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0332" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0337", "reference_id": "RHSA-2026:0337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0420", "reference_id": "RHSA-2026:0420", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0602", "reference_id": "RHSA-2026:0602", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0602" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0674", "reference_id": "RHSA-2026:0674", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0674" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0702", "reference_id": "RHSA-2026:0702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0714", "reference_id": "RHSA-2026:0714", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0714" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0794", "reference_id": "RHSA-2026:0794", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0794" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0887", "reference_id": "RHSA-2026:0887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1349", "reference_id": "RHSA-2026:1349", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1475", "reference_id": "RHSA-2026:1475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1652", "reference_id": "RHSA-2026:1652", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1652" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1720", "reference_id": "RHSA-2026:1720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18320", "reference_id": "RHSA-2026:18320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2771", "reference_id": "RHSA-2026:2771", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2771" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2776", "reference_id": "RHSA-2026:2776", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2776" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2974", "reference_id": "RHSA-2026:2974", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2974" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2994", "reference_id": "RHSA-2026:2994", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2994" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2995", "reference_id": "RHSA-2026:2995", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2995" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3164", "reference_id": "RHSA-2026:3164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3415", "reference_id": "RHSA-2026:3415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3461", "reference_id": "RHSA-2026:3461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3462", "reference_id": "RHSA-2026:3462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3861", "reference_id": "RHSA-2026:3861", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/7786-1/", "reference_id": "USN-7786-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7786-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201346?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201345?format=api", "purl": "pkg:deb/debian/openssl@3.0.17-1~deb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.17-1~deb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201348?format=api", "purl": "pkg:deb/debian/openssl@3.5.1-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.1-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201347?format=api", "purl": "pkg:deb/debian/openssl@3.5.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-9230" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5cpy-4cch-uqhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60302?format=api", "vulnerability_id": "VCID-5ejb-tet8-nbh4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13464", "scoring_system": "epss", "scoring_elements": "0.94324", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1387" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=532037", "reference_id": "532037", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=532037" }, { "reference_url": "https://security.gentoo.org/glsa/200912-01", "reference_id": "GLSA-200912-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200912-01" }, { "reference_url": "https://usn.ubuntu.com/792-1/", "reference_id": "USN-792-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/792-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201247?format=api", "purl": "pkg:deb/debian/openssl@0.9.8k-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8k-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-1387" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5ejb-tet8-nbh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87311?format=api", "vulnerability_id": "VCID-5huy-fvd2-h3gg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3470", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.91395", "scoring_system": "epss", "scoring_elements": "0.99676", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750665", "reference_id": "750665", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750665" }, { "reference_url": "https://security.gentoo.org/glsa/201407-05", "reference_id": "GLSA-201407-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201407-05" }, { "reference_url": "https://usn.ubuntu.com/2232-1/", "reference_id": "USN-2232-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2232-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201270?format=api", "purl": "pkg:deb/debian/openssl@1.0.1h-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1h-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3470" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5huy-fvd2-h3gg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31536?format=api", "vulnerability_id": "VCID-5pbd-7pha-kfd1", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0079", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02277", "scoring_system": "epss", "scoring_elements": "0.84937", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0079" }, { "reference_url": "http://www.trustix.org/errata/2004/0012", "reference_id": "0012", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://www.trustix.org/errata/2004/0012" }, { "reference_url": "http://secunia.com/advisories/11139", "reference_id": "11139", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://secunia.com/advisories/11139" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505", "reference_id": "15505", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505" }, { "reference_url": "http://secunia.com/advisories/17381", "reference_id": "17381", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://secunia.com/advisories/17381" }, { "reference_url": "http://secunia.com/advisories/17398", "reference_id": "17398", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://secunia.com/advisories/17398" }, { "reference_url": "http://secunia.com/advisories/17401", "reference_id": "17401", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://secunia.com/advisories/17401" }, { "reference_url": "http://secunia.com/advisories/18247", "reference_id": "18247", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://secunia.com/advisories/18247" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", "reference_id": "2004_07_openssl.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "reference_url": "http://www.kb.cert.org/vuls/id/288574", "reference_id": "288574", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://www.kb.cert.org/vuls/id/288574" }, { "reference_url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", "reference_id": "57524", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "reference_url": "http://www.securityfocus.com/bid/9899", "reference_id": "9899", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://www.securityfocus.com/bid/9899" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", "reference_id": "advisories?name=MDKSA-2004:023", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "reference_url": "http://docs.info.apple.com/article.html?artnum=61798", "reference_id": "article.html?artnum=61798", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm", "reference_id": "ASA-2005-239.htm", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm" }, { "reference_url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", "reference_id": "cisco-sa-20040317-openssl.shtml", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "reference_url": "http://www.debian.org/security/2004/dsa-465", "reference_id": "dsa-465", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://www.debian.org/security/2004/dsa-465" }, { "reference_url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", "reference_id": "engarde_advisory-4135.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "reference_url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml", "reference_id": "FEDORA-2004-095.shtml", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "reference_url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc", "reference_id": "FreeBSD-SA-04:05.openssl.asc", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc" }, { "reference_url": "https://security.gentoo.org/glsa/200403-03", "reference_id": "GLSA-200403-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200403-03" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200403-03.xml", "reference_id": "glsa-200403-03.xml", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "reference_url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", "reference_id": "?id=a&anuncio=000834", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834" }, { "reference_url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", "reference_id": "index.htm", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "reference_url": "http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US", "reference_id": "index?page=content&id=TE88&locale=EN&userlocale=EN_US", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US" }, { "reference_url": "http://marc.info/?l=bugtraq&m=107953412903636&w=2", "reference_id": "?l=bugtraq&m=107953412903636&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://marc.info/?l=bugtraq&m=107953412903636&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=108403806509920&w=2", "reference_id": "?l=bugtraq&m=108403806509920&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://marc.info/?l=bugtraq&m=108403806509920&w=2" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "reference_url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html", "reference_id": "msg00045.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "reference_url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html", "reference_id": "msg00087.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html" }, { "reference_url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", "reference_id": "NetBSD-SA2004-005.txt.asc", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "reference_url": "http://www.ciac.org/ciac/bulletins/o-101.shtml", "reference_id": "o-101.shtml", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A2621", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A5770", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A870", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A975", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A9779", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2004-120.html", "reference_id": "RHSA-2004-120.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2004-121.html", "reference_id": "RHSA-2004-121.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2004-139.html", "reference_id": "RHSA-2004-139.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2005-829.html", "reference_id": "RHSA-2005-829.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2005-829.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2005-830.html", "reference_id": "RHSA-2005-830.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2005-830.html" }, { "reference_url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", "reference_id": "SCOSA-2004.10.txt", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "reference_url": "http://www.openssl.org/news/secadv_20040317.txt", "reference_id": "secadv_20040317.txt", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", "reference_id": "TA04-078A.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "reference_url": "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", "reference_id": "viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-08T16:21:54Z/" } ], "url": "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201229?format=api", "purl": "pkg:deb/debian/openssl@0.9.7d-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.7d-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-0079" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5pbd-7pha-kfd1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15808?format=api", "vulnerability_id": "VCID-5rnh-ggk4-8bdq", "summary": "Use of a Broken or Risky Cryptographic Algorithm\nThe OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify data being sent from one endpoint to an OpenSSL 3.0 recipient such that the modified data would still pass the MAC integrity check. Note that data sent from an OpenSSL 3.0 endpoint to a non-OpenSSL 3.0 endpoint will always be rejected by the recipient and the connection will fail at that point. Many application protocols require data to be sent from the client to the server first. Therefore, in such a case, only an OpenSSL 3.0 server would be impacted when talking to a non-OpenSSL 3.0 client. If both endpoints are OpenSSL 3.0 then the attacker could modify data being sent in both directions. In this case both clients and servers could be affected, regardless of the application protocol. Note that in the absence of an attacker this bug means that an OpenSSL 3.0 endpoint communicating with a non-OpenSSL 3.0 endpoint will fail to complete the handshake when using this ciphersuite. The confidentiality of data is not impacted by this issue, i.e. an attacker cannot decrypt data that has been encrypted using this ciphersuite - they can only modify it. In order for this attack to work both endpoints must legitimately negotiate the RC4-MD5 ciphersuite. This ciphersuite is not compiled by default in OpenSSL 3.0, and is not available within the default provider or the default ciphersuite list. This ciphersuite will never be used if TLSv1.3 has been negotiated. In order for an OpenSSL 3.0 endpoint to use this ciphersuite the following must have occurred: 1) OpenSSL must have been compiled with the (non-default) compile time option enable-weak-ssl-ciphers 2) OpenSSL must have had the legacy provider explicitly loaded (either through application code or via configuration) 3) The ciphersuite must have been explicitly added to the ciphersuite list 4) The libssl security level must have been set to 0 (default is 1) 5) A version of SSL/TLS below TLSv1.3 must have been negotiated 6) Both endpoints must negotiate the RC4-MD5 ciphersuite in preference to any others that both endpoints have in common Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1434", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20869", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1434" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/github/advisory-database/issues/405", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/github/advisory-database/issues/405" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7d56a74a96828985db7354a55227a511615f732b", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7d56a74a96828985db7354a55227a511615f732b" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2022-0026.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2022-0026.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220602-0009", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220602-0009" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220602-0009/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20220602-0009/" }, { "reference_url": "https://www.openssl.org/news/secadv/20220503.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.openssl.org/news/secadv/20220503.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1434", "reference_id": "CVE-2022-1434", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1434" }, { "reference_url": "https://github.com/advisories/GHSA-638m-m8mh-7gw2", "reference_id": "GHSA-638m-m8mh-7gw2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-638m-m8mh-7gw2" }, { "reference_url": "https://usn.ubuntu.com/5402-1/", "reference_id": "USN-5402-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5402-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-1434", "GHSA-638m-m8mh-7gw2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5rnh-ggk4-8bdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100815?format=api", "vulnerability_id": "VCID-5zsm-j6hb-7uej", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0798", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25961", "scoring_system": "epss", "scoring_elements": "0.96364", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2842" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201603-15", "reference_id": "GLSA-201603-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-15" }, { "reference_url": "https://usn.ubuntu.com/2914-1/", "reference_id": "USN-2914-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2914-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201281?format=api", "purl": "pkg:deb/debian/openssl@1.0.2g-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2g-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-0798" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5zsm-j6hb-7uej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/322133?format=api", "vulnerability_id": "VCID-6c9t-f9wj-cbbs", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22796.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22796.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-22796", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0052", "scoring_system": "epss", "scoring_elements": "0.6713", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-22796" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://openssl-library.org/news/secadv/20260127.txt", "reference_id": "20260127.txt", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-27T16:27:50Z/" } ], "url": "https://openssl-library.org/news/secadv/20260127.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "reference_id": "2430390", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430390" }, { "reference_url": "https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4", "reference_id": "2502e7b7d4c0cf4f972a881641fe09edc67aeec4", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-27T16:27:50Z/" } ], "url": "https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4" }, { "reference_url": "https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49", "reference_id": "572844beca95068394c916626a6d3a490f831a49", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-27T16:27:50Z/" } ], "url": "https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49" }, { "reference_url": "https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12", "reference_id": "7bbca05be55b129651d9df4bdb92becc45002c12", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-27T16:27:50Z/" } ], "url": "https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12" }, { "reference_url": "https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e", "reference_id": "eeee3cbd4d682095ed431052f00403004596373e", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-27T16:27:50Z/" } ], "url": "https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e" }, { "reference_url": "https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2", "reference_id": "ef2fb66ec571564d64d1c74a12e388a2a54d05d2", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-27T16:27:50Z/" } ], "url": "https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1472", "reference_id": "RHSA-2026:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1473", "reference_id": "RHSA-2026:1473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1736", "reference_id": "RHSA-2026:1736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2485", "reference_id": "RHSA-2026:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2563", "reference_id": "RHSA-2026:2563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3228", "reference_id": "RHSA-2026:3228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/7980-1/", "reference_id": "USN-7980-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7980-1/" }, { "reference_url": "https://usn.ubuntu.com/7980-2/", "reference_id": "USN-7980-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7980-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201344?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201341?format=api", "purl": "pkg:deb/debian/openssl@3.0.18-1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201340?format=api", "purl": "pkg:deb/debian/openssl@3.5.4-1~deb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1~deb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201339?format=api", "purl": "pkg:deb/debian/openssl@3.5.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-22796" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6c9t-f9wj-cbbs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28264?format=api", "vulnerability_id": "VCID-6kt1-m1w9-u7dt", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-0657", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03678", "scoring_system": "epss", "scoring_elements": "0.88114", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-0657" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201224?format=api", "purl": "pkg:deb/debian/openssl@0.9.6e-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.6e-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2002-0657" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6kt1-m1w9-u7dt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28263?format=api", "vulnerability_id": "VCID-6ndx-dg5a-37ex", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-0656", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.8906", "scoring_system": "epss", "scoring_elements": "0.99544", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-0656" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/40347.txt", "reference_id": "CVE-2002-0656", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/40347.txt" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201224?format=api", "purl": "pkg:deb/debian/openssl@0.9.6e-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.6e-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2002-0656" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6ndx-dg5a-37ex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16955?format=api", "vulnerability_id": "VCID-6vr9-d96b-t7cz", "summary": "Out-of-bounds Read\nA read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. The read buffer overrun might result in a crash which could lead to a denial of service attack. In theory it could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext) although we are not aware of any working exploit leading to memory contents disclosure as of the time of release of this advisory. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4203.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4203.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4203", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.66078", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4203" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:14Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2023-0008.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2023-0008.html" }, { "reference_url": "https://security.gentoo.org/glsa/202402-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:14Z/" } ], "url": "https://security.gentoo.org/glsa/202402-08" }, { "reference_url": "https://www.openssl.org/news/secadv/20230207.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:14Z/" } ], "url": "https://www.openssl.org/news/secadv/20230207.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488", "reference_id": "2164488", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4203", "reference_id": "CVE-2022-4203", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4203" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0946", "reference_id": "RHSA-2023:0946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1199", "reference_id": "RHSA-2023:1199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1199" }, { "reference_url": "https://usn.ubuntu.com/5844-1/", "reference_id": "USN-5844-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5844-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201318?format=api", "purl": "pkg:deb/debian/openssl@3.0.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-4203", "GHSA-w67w-mw4j-8qrv" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6vr9-d96b-t7cz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84563?format=api", "vulnerability_id": "VCID-6zr5-5rye-ykbm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0221", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.82097", "scoring_system": "epss", "scoring_elements": "0.9923", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750665", "reference_id": "750665", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750665" }, { "reference_url": "https://security.gentoo.org/glsa/201407-05", "reference_id": "GLSA-201407-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201407-05" }, { "reference_url": "https://usn.ubuntu.com/2232-1/", "reference_id": "USN-2232-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2232-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201270?format=api", "purl": "pkg:deb/debian/openssl@1.0.1h-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1h-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-0221" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6zr5-5rye-ykbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73075?format=api", "vulnerability_id": "VCID-74mt-997c-nuc6", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-5095", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.55076", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-5095" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684527", "reference_id": "684527", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684527" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201262?format=api", "purl": "pkg:deb/debian/openssl@0.9.8a-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8a-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-5095" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-74mt-997c-nuc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16829?format=api", "vulnerability_id": "VCID-77dz-3tvz-c7b8", "summary": "Use After Free\nThe public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0215.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0215.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0215", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62819", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0215" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:40Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:40Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:40Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html" }, { "reference_url": "https://security.gentoo.org/glsa/202402-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:40Z/" } ], "url": "https://security.gentoo.org/glsa/202402-08" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0007", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0007" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0009", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0009" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006" }, { "reference_url": "https://www.openssl.org/news/secadv/20230207.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:40Z/" } ], "url": "https://www.openssl.org/news/secadv/20230207.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492", "reference_id": "2164492", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215", "reference_id": "CVE-2023-0215", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0007/", "reference_id": "ntap-20230427-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:40Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0007/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0009/", "reference_id": "ntap-20230427-0009", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:40Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0009/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:40Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0946", "reference_id": "RHSA-2023:0946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1199", "reference_id": "RHSA-2023:1199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1405", "reference_id": "RHSA-2023:1405", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1405" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2165", "reference_id": "RHSA-2023:2165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2932", "reference_id": "RHSA-2023:2932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3408", "reference_id": "RHSA-2023:3408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3420", "reference_id": "RHSA-2023:3420", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3421", "reference_id": "RHSA-2023:3421", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3421" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4128", "reference_id": "RHSA-2023:4128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4128" }, { "reference_url": "https://usn.ubuntu.com/5844-1/", "reference_id": "USN-5844-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5844-1/" }, { "reference_url": "https://usn.ubuntu.com/5845-1/", "reference_id": "USN-5845-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5845-1/" }, { "reference_url": "https://usn.ubuntu.com/5845-2/", "reference_id": "USN-5845-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5845-2/" }, { "reference_url": "https://usn.ubuntu.com/6564-1/", "reference_id": "USN-6564-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6564-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201314?format=api", "purl": "pkg:deb/debian/openssl@1.1.1n-0%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201318?format=api", "purl": "pkg:deb/debian/openssl@3.0.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-0215", "GHSA-r7jw-wp68-3xch" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-77dz-3tvz-c7b8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75616?format=api", "vulnerability_id": "VCID-7brd-qcfy-jfak", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2686", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.63145", "scoring_system": "epss", "scoring_elements": "0.9842", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2686" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699889", "reference_id": "699889", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699889" }, { "reference_url": "https://security.gentoo.org/glsa/201312-03", "reference_id": "GLSA-201312-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201312-03" }, { "reference_url": "https://usn.ubuntu.com/1732-1/", "reference_id": "USN-1732-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1732-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201266?format=api", "purl": "pkg:deb/debian/openssl@1.0.1e-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1e-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-2686" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7brd-qcfy-jfak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60294?format=api", "vulnerability_id": "VCID-7csz-r7ck-h3dx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1379", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08556", "scoring_system": "epss", "scoring_elements": "0.92529", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1379" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530400", "reference_id": "530400", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530400" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8720.c", "reference_id": "CVE-2009-1379;OSVDB-54614", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8720.c" }, { "reference_url": "https://security.gentoo.org/glsa/200912-01", "reference_id": "GLSA-200912-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200912-01" }, { "reference_url": "https://usn.ubuntu.com/792-1/", "reference_id": "USN-792-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/792-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201244?format=api", "purl": "pkg:deb/debian/openssl@0.9.8k-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8k-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-1379" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7csz-r7ck-h3dx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/267834?format=api", "vulnerability_id": "VCID-7f65-tc9n-abhm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4603.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4603.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4603", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25757", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071972", "reference_id": "1071972", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071972" }, { "reference_url": "https://www.openssl.org/news/secadv/20240516.txt", "reference_id": "20240516.txt", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:27:25Z/" } ], "url": "https://www.openssl.org/news/secadv/20240516.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281029", "reference_id": "2281029", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281029" }, { "reference_url": "https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397", "reference_id": "3559e868e58005d15c6013a0c1fd832e51c73397", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:27:25Z/" } ], "url": "https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397" }, { "reference_url": "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e", "reference_id": "53ea06486d296b890d565fb971b2764fcd826e7e", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:27:25Z/" } ], "url": "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e" }, { "reference_url": "https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d", "reference_id": "9c39b3858091c152f52513c066ff2c5a47969f0d", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:27:25Z/" } ], "url": "https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d" }, { "reference_url": "https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740", "reference_id": "da343d0605c826ef197aceedc67e8e04f065f740", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:27:25Z/" } ], "url": "https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9333", "reference_id": "RHSA-2024:9333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9333" }, { "reference_url": "https://usn.ubuntu.com/6937-1/", "reference_id": "USN-6937-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6937-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201333?format=api", "purl": "pkg:deb/debian/openssl@3.0.14-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201334?format=api", "purl": "pkg:deb/debian/openssl@3.2.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.2.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-4603" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7f65-tc9n-abhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5000?format=api", "vulnerability_id": "VCID-7hqc-qde6-tqas", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6302", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10613", "scoring_system": "epss", "scoring_elements": "0.93414", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6302" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" }, { "reference_url": "https://usn.ubuntu.com/3087-1/", "reference_id": "USN-3087-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3087-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201284?format=api", "purl": "pkg:deb/debian/openssl@1.0.2i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-6302" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7hqc-qde6-tqas" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/243780?format=api", "vulnerability_id": "VCID-7j9u-q6e6-jkhd", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12797.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12797.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12797", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74783", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12797" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/openssl/openssl/commit/738d4f9fdeaad57660dcba50a619fafced3fd5e9", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T20:24:14Z/" } ], "url": "https://github.com/openssl/openssl/commit/738d4f9fdeaad57660dcba50a619fafced3fd5e9" }, { "reference_url": "https://github.com/openssl/openssl/commit/798779d43494549b611233f92652f0da5328fbe7", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T20:24:14Z/" } ], "url": "https://github.com/openssl/openssl/commit/798779d43494549b611233f92652f0da5328fbe7" }, { "reference_url": "https://github.com/openssl/openssl/commit/87ebd203feffcf92ad5889df92f90bb0ee10a699", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T20:24:14Z/" } ], "url": "https://github.com/openssl/openssl/commit/87ebd203feffcf92ad5889df92f90bb0ee10a699" }, { "reference_url": "https://github.com/pyca/cryptography", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pyca/cryptography" }, { "reference_url": "https://github.com/pyca/cryptography/security/advisories/GHSA-79v4-65xg-pq4g", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pyca/cryptography/security/advisories/GHSA-79v4-65xg-pq4g" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12797", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12797" }, { "reference_url": "https://openssl-library.org/news/secadv/20250211.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T20:24:14Z/" } ], "url": "https://openssl-library.org/news/secadv/20250211.txt" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2025/02/11/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2025/02/11/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2025/02/11/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2025/02/11/4" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095765", "reference_id": "1095765", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095765" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342757", "reference_id": "2342757", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342757" }, { "reference_url": "https://github.com/advisories/GHSA-79v4-65xg-pq4g", "reference_id": "GHSA-79v4-65xg-pq4g", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-79v4-65xg-pq4g" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1330", "reference_id": "RHSA-2025:1330", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1330" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1925", "reference_id": "RHSA-2025:1925", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1925" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1985", "reference_id": "RHSA-2025:1985", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1985" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2754", "reference_id": "RHSA-2025:2754", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2754" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4005", "reference_id": "RHSA-2025:4005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9895", "reference_id": "RHSA-2025:9895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9895" }, { "reference_url": "https://usn.ubuntu.com/7264-1/", "reference_id": "USN-7264-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7264-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201330?format=api", "purl": "pkg:deb/debian/openssl@3.4.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.4.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-12797", "GHSA-79v4-65xg-pq4g" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7j9u-q6e6-jkhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60292?format=api", "vulnerability_id": "VCID-7vdy-f5fb-euax", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1377", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02884", "scoring_system": "epss", "scoring_elements": "0.86552", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1377" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530400", "reference_id": "530400", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530400" }, { "reference_url": "https://security.gentoo.org/glsa/200912-01", "reference_id": "GLSA-200912-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200912-01" }, { "reference_url": "https://usn.ubuntu.com/792-1/", "reference_id": "USN-792-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/792-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201244?format=api", "purl": "pkg:deb/debian/openssl@0.9.8k-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8k-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-1377" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7vdy-f5fb-euax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72674?format=api", "vulnerability_id": "VCID-7xe7-653t-47hk", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4577", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02787", "scoring_system": "epss", "scoring_elements": "0.86335", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4577" }, { "reference_url": "https://security.gentoo.org/glsa/201203-12", "reference_id": "GLSA-201203-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-12" }, { "reference_url": "https://usn.ubuntu.com/1357-1/", "reference_id": "USN-1357-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1357-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201259?format=api", "purl": "pkg:deb/debian/openssl@1.0.0f-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0f-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-4577" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7xe7-653t-47hk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/132640?format=api", "vulnerability_id": "VCID-7xh2-r7c8-dkde", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5407", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00844", "scoring_system": "epss", "scoring_elements": "0.75093", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5407" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/bbbrumley/portsmash/tree/e3e7447ba04e1a8a5637cabadf3403faf94f7a56", "reference_id": "CVE-2018-5407", "reference_type": "exploit", "scores": [], "url": "https://github.com/bbbrumley/portsmash/tree/e3e7447ba04e1a8a5637cabadf3403faf94f7a56" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/local/45785.md", "reference_id": "CVE-2018-5407", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/local/45785.md" }, { "reference_url": "https://security.gentoo.org/glsa/201903-10", "reference_id": "GLSA-201903-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201903-10" }, { "reference_url": "https://usn.ubuntu.com/3840-1/", "reference_id": "USN-3840-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3840-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201295?format=api", "purl": "pkg:deb/debian/openssl@1.1.1~~pre9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1~~pre9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-5407" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7xh2-r7c8-dkde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/327588?format=api", "vulnerability_id": "VCID-7xw3-uquz-v7ek", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31790.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31790.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-31790", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.13108", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-31790" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac", "reference_id": "001e01db3e996e13ffc72386fe79d03a6683b5ac", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/" } ], "url": "https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac" }, { "reference_url": "https://openssl-library.org/news/secadv/20260407.txt", "reference_id": "20260407.txt", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/" } ], "url": "https://openssl-library.org/news/secadv/20260407.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451094", "reference_id": "2451094", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451094" }, { "reference_url": "https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482", "reference_id": "abd8b2eec7e3f3fda60ecfb68498b246b52af482", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/" } ], "url": "https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482" }, { "reference_url": "https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406", "reference_id": "b922e24e5b23ffb9cb9e14cadff23d91e9f7e406", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/" } ], "url": "https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406" }, { "reference_url": "https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790", "reference_id": "d5f8e71cd0a54e961d0c3b174348f8308486f790", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/" } ], "url": "https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790" }, { "reference_url": "https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e", "reference_id": "eed200f58cd8645ed77e46b7e9f764e284df379e", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/" } ], "url": "https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12195", "reference_id": "RHSA-2026:12195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19066", "reference_id": "RHSA-2026:19066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19218", "reference_id": "RHSA-2026:19218", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19218" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21275", "reference_id": "RHSA-2026:21275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/8155-1/", "reference_id": "USN-8155-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8155-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201350?format=api", "purl": "pkg:deb/debian/openssl@3.0.19-1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.19-1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201349?format=api", "purl": "pkg:deb/debian/openssl@3.5.5-1~deb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-31790" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7xw3-uquz-v7ek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/325437?format=api", "vulnerability_id": "VCID-7y4x-nrsa-mbb3", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28389.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28389.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28389", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29608", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28389" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/openssl/openssl/commit/16cea4188e0ea567deb4f93f85902247e67384f5", "reference_id": "16cea4188e0ea567deb4f93f85902247e67384f5", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/" } ], "url": "https://github.com/openssl/openssl/commit/16cea4188e0ea567deb4f93f85902247e67384f5" }, { "reference_url": "https://openssl-library.org/news/secadv/20260407.txt", "reference_id": "20260407.txt", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/" } ], "url": "https://openssl-library.org/news/secadv/20260407.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451096", "reference_id": "2451096", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451096" }, { "reference_url": "https://github.com/openssl/openssl/commit/785cbf7ea3b5a6f5adf0c1ccb92b79d89c35c616", "reference_id": "785cbf7ea3b5a6f5adf0c1ccb92b79d89c35c616", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/" } ], "url": "https://github.com/openssl/openssl/commit/785cbf7ea3b5a6f5adf0c1ccb92b79d89c35c616" }, { "reference_url": "https://github.com/openssl/openssl/commit/7b5274e812400cacb6f3be4c2df5340923fa807f", "reference_id": "7b5274e812400cacb6f3be4c2df5340923fa807f", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/" } ], "url": "https://github.com/openssl/openssl/commit/7b5274e812400cacb6f3be4c2df5340923fa807f" }, { "reference_url": "https://github.com/openssl/openssl/commit/c6725634e089eb2b634b10ede33944be7248172a", "reference_id": "c6725634e089eb2b634b10ede33944be7248172a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/" } ], "url": "https://github.com/openssl/openssl/commit/c6725634e089eb2b634b10ede33944be7248172a" }, { "reference_url": "https://github.com/openssl/openssl/commit/f80f83bc5fd036bc47d773e8b15a001e2b4ce686", "reference_id": "f80f83bc5fd036bc47d773e8b15a001e2b4ce686", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/" } ], "url": "https://github.com/openssl/openssl/commit/f80f83bc5fd036bc47d773e8b15a001e2b4ce686" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/8155-1/", "reference_id": "USN-8155-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8155-1/" }, { "reference_url": "https://usn.ubuntu.com/8155-2/", "reference_id": "USN-8155-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8155-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201350?format=api", "purl": "pkg:deb/debian/openssl@3.0.19-1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.19-1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201349?format=api", "purl": "pkg:deb/debian/openssl@3.5.5-1~deb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-28389" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7y4x-nrsa-mbb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92630?format=api", "vulnerability_id": "VCID-7y6y-r74t-3kez", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0206", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.31073", "scoring_system": "epss", "scoring_elements": "0.9683", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206" }, { "reference_url": "https://usn.ubuntu.com/2459-1/", "reference_id": "USN-2459-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2459-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201274?format=api", "purl": "pkg:deb/debian/openssl@1.0.1k-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1k-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-0206" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7y6y-r74t-3kez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92684?format=api", "vulnerability_id": "VCID-85km-s36h-jkfw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0292", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0654", "scoring_system": "epss", "scoring_elements": "0.91274", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0292" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0292", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0292" }, { "reference_url": "https://security.gentoo.org/glsa/201503-11", "reference_id": "GLSA-201503-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-11" }, { "reference_url": "https://usn.ubuntu.com/2537-1/", "reference_id": "USN-2537-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2537-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201270?format=api", "purl": "pkg:deb/debian/openssl@1.0.1h-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1h-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-0292" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-85km-s36h-jkfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67471?format=api", "vulnerability_id": "VCID-87xs-wauw-nbaf", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3864", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04817", "scoring_system": "epss", "scoring_elements": "0.89671", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3864" }, { "reference_url": "https://security.gentoo.org/glsa/201110-01", "reference_id": "GLSA-201110-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-01" }, { "reference_url": "https://usn.ubuntu.com/1018-1/", "reference_id": "USN-1018-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1018-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201255?format=api", "purl": "pkg:deb/debian/openssl@0.9.8o-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8o-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-3864" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-87xs-wauw-nbaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87378?format=api", "vulnerability_id": "VCID-8g7v-pbw3-tyam", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3570", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07282", "scoring_system": "epss", "scoring_elements": "0.91782", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3570" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206" }, { "reference_url": "https://usn.ubuntu.com/2459-1/", "reference_id": "USN-2459-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2459-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201274?format=api", "purl": "pkg:deb/debian/openssl@1.0.1k-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1k-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3570" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8g7v-pbw3-tyam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92633?format=api", "vulnerability_id": "VCID-8te4-5dck-bkac", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0209", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01946", "scoring_system": "epss", "scoring_elements": "0.83753", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0209" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0292", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0292" }, { "reference_url": "https://security.gentoo.org/glsa/201503-11", "reference_id": "GLSA-201503-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-11" }, { "reference_url": "https://usn.ubuntu.com/2537-1/", "reference_id": "USN-2537-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2537-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201275?format=api", "purl": "pkg:deb/debian/openssl@1.0.1k-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1k-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-0209" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8te4-5dck-bkac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71619?format=api", "vulnerability_id": "VCID-8tj5-vmck-3bhv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3207", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01509", "scoring_system": "epss", "scoring_elements": "0.81495", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3207" }, { "reference_url": "https://security.gentoo.org/glsa/201110-01", "reference_id": "GLSA-201110-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201253?format=api", "purl": "pkg:deb/debian/openssl@1.0.0e-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0e-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-3207" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8tj5-vmck-3bhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92631?format=api", "vulnerability_id": "VCID-91cw-kxgf-7fg9", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0207", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.30474", "scoring_system": "epss", "scoring_elements": "0.96786", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0207" }, { "reference_url": "https://security.gentoo.org/glsa/201503-11", "reference_id": "GLSA-201503-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-11" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-0207" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-91cw-kxgf-7fg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4998?format=api", "vulnerability_id": "VCID-949c-cguj-kfbk", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6304", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18043", "scoring_system": "epss", "scoring_elements": "0.95286", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6304" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" }, { "reference_url": "https://security.gentoo.org/glsa/201612-16", "reference_id": "GLSA-201612-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-16" }, { "reference_url": "https://usn.ubuntu.com/3087-1/", "reference_id": "USN-3087-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3087-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201284?format=api", "purl": "pkg:deb/debian/openssl@1.0.2i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-6304" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-949c-cguj-kfbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16827?format=api", "vulnerability_id": "VCID-94bp-j4hm-sqb7", "summary": "NULL Pointer Dereference\nAn invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allow an attacker to cause a denial of service attack. The TLS implementation in OpenSSL does not call this function but applications might call the function if there are additional security requirements imposed by standards such as FIPS 140-3.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0217.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0086", "scoring_system": "epss", "scoring_elements": "0.75344", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0217" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=23985bac83fd50c8e29431009302b5442f985096", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:50Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=23985bac83fd50c8e29431009302b5442f985096" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2023-0012.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2023-0012.html" }, { "reference_url": "https://security.gentoo.org/glsa/202402-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:50Z/" } ], "url": "https://security.gentoo.org/glsa/202402-08" }, { "reference_url": "https://www.openssl.org/news/secadv/20230207.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:50Z/" } ], "url": "https://www.openssl.org/news/secadv/20230207.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499", "reference_id": "2164499", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0217", "reference_id": "CVE-2023-0217", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0946", "reference_id": "RHSA-2023:0946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1199", "reference_id": "RHSA-2023:1199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1199" }, { "reference_url": "https://usn.ubuntu.com/5844-1/", "reference_id": "USN-5844-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5844-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201318?format=api", "purl": "pkg:deb/debian/openssl@3.0.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-0217", "GHSA-vxrh-cpg7-8vjr" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-94bp-j4hm-sqb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/239401?format=api", "vulnerability_id": "VCID-9ad7-pcdj-ubbc", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6237.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6237.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6237", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76925", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6237" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/openssl/openssl/commit/0b0f7abfb37350794a4b8960fafc292cd5d1b84d", "reference_id": "0b0f7abfb37350794a4b8960fafc292cd5d1b84d", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-20T14:44:52Z/" } ], "url": "https://github.com/openssl/openssl/commit/0b0f7abfb37350794a4b8960fafc292cd5d1b84d" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060858", "reference_id": "1060858", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060858" }, { "reference_url": "https://github.com/openssl/openssl/commit/18c02492138d1eb8b6548cb26e7b625fb2414a2a", "reference_id": "18c02492138d1eb8b6548cb26e7b625fb2414a2a", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-20T14:44:52Z/" } ], "url": "https://github.com/openssl/openssl/commit/18c02492138d1eb8b6548cb26e7b625fb2414a2a" }, { "reference_url": "https://www.openssl.org/news/secadv/20240115.txt", "reference_id": "20240115.txt", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-20T14:44:52Z/" } ], "url": "https://www.openssl.org/news/secadv/20240115.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258502", "reference_id": "2258502", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258502" }, { "reference_url": "https://github.com/openssl/openssl/commit/a830f551557d3d66a84bbb18a5b889c640c36294", "reference_id": "a830f551557d3d66a84bbb18a5b889c640c36294", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-20T14:44:52Z/" } ], "url": "https://github.com/openssl/openssl/commit/a830f551557d3d66a84bbb18a5b889c640c36294" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2447", "reference_id": "RHSA-2024:2447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2447" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9088", "reference_id": "RHSA-2024:9088", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9088" }, { "reference_url": "https://usn.ubuntu.com/6622-1/", "reference_id": "USN-6622-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6622-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201326?format=api", "purl": "pkg:deb/debian/openssl@3.0.13-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.13-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201329?format=api", "purl": "pkg:deb/debian/openssl@3.1.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.1.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-6237" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ad7-pcdj-ubbc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95851?format=api", "vulnerability_id": "VCID-9dms-vr7w-u7e4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4000", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.92346", "scoring_system": "epss", "scoring_elements": "0.99739", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4000" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2724", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2724" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:C/I:C/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1032474", "reference_id": "1032474", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032474" }, { "reference_url": "http://www.securitytracker.com/id/1032475", "reference_id": "1032475", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032475" }, { "reference_url": "http://www.securitytracker.com/id/1032476", "reference_id": "1032476", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032476" }, { "reference_url": "http://www.securitytracker.com/id/1032637", "reference_id": "1032637", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032637" }, { "reference_url": "http://www.securitytracker.com/id/1032645", "reference_id": "1032645", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032645" }, { "reference_url": "http://www.securitytracker.com/id/1032647", "reference_id": "1032647", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032647" }, { "reference_url": "http://www.securitytracker.com/id/1032648", "reference_id": "1032648", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032648" }, { "reference_url": "http://www.securitytracker.com/id/1032649", "reference_id": "1032649", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032649" }, { "reference_url": "http://www.securitytracker.com/id/1032650", "reference_id": "1032650", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032650" }, { "reference_url": "http://www.securitytracker.com/id/1032651", "reference_id": "1032651", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032651" }, { "reference_url": "http://www.securitytracker.com/id/1032652", "reference_id": "1032652", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032652" }, { "reference_url": "http://www.securitytracker.com/id/1032653", "reference_id": "1032653", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032653" }, { "reference_url": "http://www.securitytracker.com/id/1032654", "reference_id": "1032654", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032654" }, { "reference_url": "http://www.securitytracker.com/id/1032655", "reference_id": "1032655", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032655" }, { "reference_url": "http://www.securitytracker.com/id/1032656", "reference_id": "1032656", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032656" }, { "reference_url": "http://www.securitytracker.com/id/1032688", "reference_id": "1032688", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032688" }, { "reference_url": "http://www.securitytracker.com/id/1032699", "reference_id": "1032699", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032699" }, { "reference_url": "http://www.securitytracker.com/id/1032702", "reference_id": "1032702", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032702" }, { "reference_url": "http://www.securitytracker.com/id/1032727", "reference_id": "1032727", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032727" }, { "reference_url": "http://www.securitytracker.com/id/1032759", "reference_id": "1032759", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032759" }, { "reference_url": "http://www.securitytracker.com/id/1032777", "reference_id": "1032777", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032777" }, { "reference_url": "http://www.securitytracker.com/id/1032778", "reference_id": "1032778", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032778" }, { "reference_url": "http://www.securitytracker.com/id/1032783", "reference_id": "1032783", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032783" }, { "reference_url": "http://www.securitytracker.com/id/1032784", "reference_id": "1032784", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032784" }, { "reference_url": "http://www.securitytracker.com/id/1032856", "reference_id": "1032856", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032856" }, { "reference_url": "http://www.securitytracker.com/id/1032864", "reference_id": "1032864", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032864" }, { "reference_url": "http://www.securitytracker.com/id/1032865", "reference_id": "1032865", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032865" }, { "reference_url": "http://www.securitytracker.com/id/1032871", "reference_id": "1032871", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032871" }, { "reference_url": "http://www.securitytracker.com/id/1032884", "reference_id": "1032884", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032884" }, { "reference_url": "http://www.securitytracker.com/id/1032910", "reference_id": "1032910", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032910" }, { "reference_url": "http://www.securitytracker.com/id/1032932", "reference_id": "1032932", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032932" }, { "reference_url": "http://www.securitytracker.com/id/1032960", "reference_id": "1032960", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032960" }, { "reference_url": "http://www.securitytracker.com/id/1033019", "reference_id": "1033019", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033019" }, { "reference_url": "http://www.securitytracker.com/id/1033064", "reference_id": "1033064", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033064" }, { "reference_url": "http://www.securitytracker.com/id/1033065", "reference_id": "1033065", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033065" }, { "reference_url": "http://www.securitytracker.com/id/1033067", "reference_id": "1033067", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033067" }, { "reference_url": "http://www.securitytracker.com/id/1033208", "reference_id": "1033208", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033208" }, { "reference_url": "http://www.securitytracker.com/id/1033209", "reference_id": "1033209", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033209" }, { "reference_url": "http://www.securitytracker.com/id/1033210", "reference_id": "1033210", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033210" }, { "reference_url": "http://www.securitytracker.com/id/1033222", "reference_id": "1033222", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033222" }, { "reference_url": "http://www.securitytracker.com/id/1033341", "reference_id": "1033341", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033341" }, { "reference_url": "http://www.securitytracker.com/id/1033385", "reference_id": "1033385", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033385" }, { "reference_url": "http://www.securitytracker.com/id/1033416", "reference_id": "1033416", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033416" }, { "reference_url": "http://www.securitytracker.com/id/1033430", "reference_id": "1033430", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033430" }, { "reference_url": "http://www.securitytracker.com/id/1033433", "reference_id": "1033433", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033433" }, { "reference_url": "http://www.securitytracker.com/id/1033513", "reference_id": "1033513", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033513" }, { "reference_url": "http://www.securitytracker.com/id/1033760", "reference_id": "1033760", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033760" }, { "reference_url": "http://www.securitytracker.com/id/1033891", "reference_id": "1033891", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033891" }, { "reference_url": "http://www.securitytracker.com/id/1033991", "reference_id": "1033991", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033991" }, { "reference_url": "http://www.securitytracker.com/id/1034087", "reference_id": "1034087", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1034087" }, { "reference_url": "http://www.securitytracker.com/id/1034728", "reference_id": "1034728", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1034728" }, { "reference_url": "http://www.securitytracker.com/id/1034884", "reference_id": "1034884", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1034884" }, { "reference_url": "http://www.securitytracker.com/id/1036218", "reference_id": "1036218", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1036218" }, { "reference_url": "http://www.securitytracker.com/id/1040630", "reference_id": "1040630", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1040630" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html", "reference_id": "159314.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.html", "reference_id": "159351.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.html", "reference_id": "160117.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.html" }, { "reference_url": "http://www.fortiguard.com/advisory/2015-05-20-logjam-attack", "reference_id": "2015-05-20-logjam-attack", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.fortiguard.com/advisory/2015-05-20-logjam-attack" }, { "reference_url": "https://openssl.org/news/secadv/20150611.txt", "reference_id": "20150611.txt", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://openssl.org/news/secadv/20150611.txt" }, { "reference_url": "http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery", "reference_id": "2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery" }, { "reference_url": "http://www.securityfocus.com/bid/74733", "reference_id": "74733", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securityfocus.com/bid/74733" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/05/20/8", "reference_id": "8", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://openwall.com/lists/oss-security/2015/05/20/8" }, { "reference_url": "http://www.securityfocus.com/bid/91787", "reference_id": "91787", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securityfocus.com/bid/91787" }, { "reference_url": "http://support.citrix.com/article/CTX201114", "reference_id": "CTX201114", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://support.citrix.com/article/CTX201114" }, { "reference_url": "https://support.citrix.com/article/CTX216642", "reference_id": "CTX216642", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://support.citrix.com/article/CTX216642" }, { "reference_url": "https://puppet.com/security/cve/CVE-2015-4000", "reference_id": "CVE-2015-4000", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://puppet.com/security/cve/CVE-2015-4000" }, { "reference_url": "https://www.suse.com/security/cve/CVE-2015-4000.html", "reference_id": "CVE-2015-4000.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://www.suse.com/security/cve/CVE-2015-4000.html" }, { "reference_url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196", "reference_id": "display?docId=emr_na-c04718196", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196" }, { "reference_url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402", "reference_id": "display?docId=emr_na-c04876402", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402" }, { "reference_url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778", "reference_id": "display?docId=emr_na-c04949778", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us", "reference_id": "display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527", "reference_id": "docDisplay?docId=emr_na-c04740527", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527" }, { "reference_url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140", "reference_id": "docDisplay?docId=emr_na-c04770140", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140" }, { "reference_url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190", "reference_id": "docDisplay?docId=emr_na-c04772190", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190" }, { "reference_url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119", "reference_id": "docDisplay?docId=emr_na-c04773119", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119" }, { "reference_url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241", "reference_id": "docDisplay?docId=emr_na-c04773241", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241" }, { "reference_url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246", "reference_id": "docDisplay?docId=emr_na-c04832246", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246" }, { "reference_url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839", "reference_id": "docDisplay?docId=emr_na-c04918839", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839" }, { "reference_url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929", "reference_id": "docDisplay?docId=emr_na-c04923929", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929" }, { "reference_url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789", "reference_id": "docDisplay?docId=emr_na-c04926789", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655", "reference_id": "docDisplay?docId=emr_na-c04953655", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763", "reference_id": "docDisplay?docId=emr_na-c05045763", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722", "reference_id": "docDisplay?docId=emr_na-c05128722", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083", "reference_id": "docDisplay?docId=emr_na-c05193083", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083" }, { "reference_url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403", "reference_id": "docdisplay?lndocid=MIGR-5098403", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403" }, { "reference_url": "http://www-304.ibm.com/support/docview.wss?uid=swg21958984", "reference_id": "docview.wss?uid=swg21958984", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21958984" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959111", "reference_id": "docview.wss?uid=swg21959111", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959111" }, { "reference_url": "http://www-304.ibm.com/support/docview.wss?uid=swg21959132", "reference_id": "docview.wss?uid=swg21959132", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21959132" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959195", "reference_id": "docview.wss?uid=swg21959195", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959195" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959325", "reference_id": "docview.wss?uid=swg21959325", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959325" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959453", "reference_id": "docview.wss?uid=swg21959453", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959453" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959481", "reference_id": "docview.wss?uid=swg21959481", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959481" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959517", "reference_id": "docview.wss?uid=swg21959517", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959517" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959530", "reference_id": "docview.wss?uid=swg21959530", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959530" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959539", "reference_id": "docview.wss?uid=swg21959539", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959539" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959636", "reference_id": "docview.wss?uid=swg21959636", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959636" }, { "reference_url": "https://www-304.ibm.com/support/docview.wss?uid=swg21959745", "reference_id": "docview.wss?uid=swg21959745", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21959745" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959812", "reference_id": "docview.wss?uid=swg21959812", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959812" }, { "reference_url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960041", "reference_id": "docview.wss?uid=swg21960041", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960041" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960191", "reference_id": "docview.wss?uid=swg21960191", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960191" }, { "reference_url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194", "reference_id": "docview.wss?uid=swg21960194", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194" }, { "reference_url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960380", "reference_id": "docview.wss?uid=swg21960380", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960380" }, { "reference_url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960418", "reference_id": "docview.wss?uid=swg21960418", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960418" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961717", "reference_id": "docview.wss?uid=swg21961717", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961717" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962455", "reference_id": "docview.wss?uid=swg21962455", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962455" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962739", "reference_id": "docview.wss?uid=swg21962739", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962739" }, { "reference_url": "http://www-304.ibm.com/support/docview.wss?uid=swg21962816", "reference_id": "docview.wss?uid=swg21962816", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21962816" }, { "reference_url": "http://www-304.ibm.com/support/docview.wss?uid=swg21967893", "reference_id": "docview.wss?uid=swg21967893", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21967893" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3287", "reference_id": "dsa-3287", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3287" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3300", "reference_id": "dsa-3300", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3300" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3316", "reference_id": "dsa-3316", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3316" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3324", "reference_id": "dsa-3324", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3324" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3339", "reference_id": "dsa-3339", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3339" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3688", "reference_id": "dsa-3688", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.debian.org/security/2016/dsa-3688" }, { "reference_url": "https://security.gentoo.org/glsa/201506-02", "reference_id": "GLSA-201506-02", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://security.gentoo.org/glsa/201506-02" }, { "reference_url": "https://security.gentoo.org/glsa/201512-10", "reference_id": "GLSA-201512-10", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://security.gentoo.org/glsa/201512-10" }, { "reference_url": "https://security.gentoo.org/glsa/201603-11", "reference_id": "GLSA-201603-11", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://security.gentoo.org/glsa/201603-11" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-46", "reference_id": "GLSA-201701-46", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://security.gentoo.org/glsa/201701-46" }, { "reference_url": "http://support.apple.com/kb/HT204941", "reference_id": "HT204941", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://support.apple.com/kb/HT204941" }, { "reference_url": "http://support.apple.com/kb/HT204942", "reference_id": "HT204942", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://support.apple.com/kb/HT204942" }, { "reference_url": "https://weakdh.org/imperfect-forward-secrecy.pdf", "reference_id": "imperfect-forward-secrecy.pdf", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://weakdh.org/imperfect-forward-secrecy.pdf" }, { "reference_url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681", "reference_id": "index?page=content&id=JSA10681", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681" }, { "reference_url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727", "reference_id": "index?page=content&id=JSA10727", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10122", "reference_id": "index?page=content&id=SB10122", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10122" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143506486712441&w=2", "reference_id": "?l=bugtraq&m=143506486712441&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143506486712441&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143557934009303&w=2", "reference_id": "?l=bugtraq&m=143557934009303&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143557934009303&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143558092609708&w=2", "reference_id": "?l=bugtraq&m=143558092609708&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143558092609708&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143628304012255&w=2", "reference_id": "?l=bugtraq&m=143628304012255&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143628304012255&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143637549705650&w=2", "reference_id": "?l=bugtraq&m=143637549705650&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143637549705650&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143655800220052&w=2", "reference_id": "?l=bugtraq&m=143655800220052&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143655800220052&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143880121627664&w=2", "reference_id": "?l=bugtraq&m=143880121627664&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143880121627664&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144043644216842&w=2", "reference_id": "?l=bugtraq&m=144043644216842&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144043644216842&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144050121701297&w=2", "reference_id": "?l=bugtraq&m=144050121701297&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144050121701297&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144060576831314&w=2", "reference_id": "?l=bugtraq&m=144060576831314&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144060576831314&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144060606031437&w=2", "reference_id": "?l=bugtraq&m=144060606031437&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144060606031437&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144061542602287&w=2", "reference_id": "?l=bugtraq&m=144061542602287&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144061542602287&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144069189622016&w=2", "reference_id": "?l=bugtraq&m=144069189622016&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144069189622016&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144102017024820&w=2", "reference_id": "?l=bugtraq&m=144102017024820&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144102017024820&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144104533800819&w=2", "reference_id": "?l=bugtraq&m=144104533800819&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144104533800819&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2", "reference_id": "?l=bugtraq&m=144493176821532&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=145409266329539&w=2", "reference_id": "?l=bugtraq&m=145409266329539&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=145409266329539&w=2" }, { "reference_url": "https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/", "reference_id": "logjam-freak-upcoming-changes", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/" }, { "reference_url": "https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/", "reference_id": "logjam-the-latest-tls-vulnerability-explained", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-70", "reference_id": "mfsa2015-70", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-70" }, { "reference_url": "http://www.mozilla.org/security/announce/2015/mfsa2015-70.html", "reference_id": "mfsa2015-70.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-70.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html", "reference_id": "msg00002.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html", "reference_id": "msg00004.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html", "reference_id": "msg00006.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html", "reference_id": "msg00007.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html", "reference_id": "msg00016.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html", "reference_id": "msg00021.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html", "reference_id": "msg00023.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html", "reference_id": "msg00024.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html", "reference_id": "msg00025.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html", "reference_id": "msg00026.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html", "reference_id": "msg00031.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html", "reference_id": "msg00031.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html", "reference_id": "msg00032.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html", "reference_id": "msg00033.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html", "reference_id": "msg00034.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html", "reference_id": "msg00037.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html", "reference_id": "msg00037.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html", "reference_id": "msg00039.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html", "reference_id": "msg00039.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html", "reference_id": "msg00040.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html", "reference_id": "msg00040.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html", "reference_id": "msg00046.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html", "reference_id": "msg00047.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html", "reference_id": "msg00094.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html", "reference_id": "msg00097.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html" }, { "reference_url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc", "reference_id": "NetBSD-SA2015-008.txt.asc", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc" }, { "reference_url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes", "reference_id": "NSS_3.19.1_release_notes", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20150619-0001/", "reference_id": "ntap-20150619-0001", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20150619-0001/" }, { "reference_url": "http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm", "reference_id": "releaseNotes.htm", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1072.html", "reference_id": "RHSA-2015-1072.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1072.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1185.html", "reference_id": "RHSA-2015-1185.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1185.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1197.html", "reference_id": "RHSA-2015-1197.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1197.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html", "reference_id": "RHSA-2015-1228.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html", "reference_id": "RHSA-2015-1229.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html", "reference_id": "RHSA-2015-1230.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html", "reference_id": "RHSA-2015-1241.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html", "reference_id": "RHSA-2015-1242.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html", "reference_id": "RHSA-2015-1243.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html", "reference_id": "RHSA-2015-1485.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html", "reference_id": "RHSA-2015-1486.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html", "reference_id": "RHSA-2015-1488.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html", "reference_id": "RHSA-2015-1526.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html", "reference_id": "RHSA-2015-1544.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html", "reference_id": "RHSA-2015-1604.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1624.html", "reference_id": "RHSA-2016-1624.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1624.html" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa98", "reference_id": "sa98", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://bto.bluecoat.com/security-advisory/sa98" }, { "reference_url": "https://www.openssl.org/news/secadv_20150611.txt", "reference_id": "secadv_20150611.txt", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://www.openssl.org/news/secadv_20150611.txt" }, { "reference_url": "http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc", "reference_id": "sendmail_advisory2.asc", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1138554", "reference_id": "show_bug.cgi?id=1138554", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1138554" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", "reference_id": "ssa-412672.pdf", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf" }, { "reference_url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", "reference_id": "StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes" }, { "reference_url": "https://usn.ubuntu.com/2656-1/", "reference_id": "USN-2656-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2656-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2656-1", "reference_id": "USN-2656-1", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2656-1" }, { "reference_url": "https://usn.ubuntu.com/2656-2/", "reference_id": "USN-2656-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2656-2/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2656-2", "reference_id": "USN-2656-2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2656-2" }, { "reference_url": "https://usn.ubuntu.com/2673-1/", "reference_id": "USN-2673-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2673-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2673-1", "reference_id": "USN-2673-1", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2673-1" }, { "reference_url": "https://usn.ubuntu.com/2696-1/", "reference_id": "USN-2696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2696-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2696-1", "reference_id": "USN-2696-1", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2696-1" }, { "reference_url": "https://usn.ubuntu.com/2706-1/", "reference_id": "USN-2706-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2706-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2706-1", "reference_id": "USN-2706-1", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2706-1" }, { "reference_url": "https://weakdh.org/", "reference_id": "weakdh.org", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://weakdh.org/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201277?format=api", "purl": "pkg:deb/debian/openssl@1.0.2b-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2b-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-4000" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9dms-vr7w-u7e4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/283238?format=api", "vulnerability_id": "VCID-9u2f-m6r6-yqev", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15469.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15469.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15469", "reference_id": "", "reference_type": "", "scores": [ { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00591", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15469" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://openssl-library.org/news/secadv/20260127.txt", "reference_id": "20260127.txt", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:54:00Z/" } ], "url": "https://openssl-library.org/news/secadv/20260127.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "reference_id": "2430378", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430378" }, { "reference_url": "https://github.com/openssl/openssl/commit/310f305eb92ea8040d6b3cb75a5feeba8e6acf2f", "reference_id": "310f305eb92ea8040d6b3cb75a5feeba8e6acf2f", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:54:00Z/" } ], "url": "https://github.com/openssl/openssl/commit/310f305eb92ea8040d6b3cb75a5feeba8e6acf2f" }, { "reference_url": "https://github.com/openssl/openssl/commit/a7936fa4bd23c906e1955a16a0a0ab39a4953a61", "reference_id": "a7936fa4bd23c906e1955a16a0a0ab39a4953a61", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:54:00Z/" } ], "url": "https://github.com/openssl/openssl/commit/a7936fa4bd23c906e1955a16a0a0ab39a4953a61" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1472", "reference_id": "RHSA-2026:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1473", "reference_id": "RHSA-2026:1473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1736", "reference_id": "RHSA-2026:1736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2485", "reference_id": "RHSA-2026:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2563", "reference_id": "RHSA-2026:2563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3228", "reference_id": "RHSA-2026:3228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/7980-1/", "reference_id": "USN-7980-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7980-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201340?format=api", "purl": "pkg:deb/debian/openssl@3.5.4-1~deb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1~deb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201339?format=api", "purl": "pkg:deb/debian/openssl@3.5.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-15469" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9u2f-m6r6-yqev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36905?format=api", "vulnerability_id": "VCID-a2t8-3nan-2yet", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-2969", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09388", "scoring_system": "epss", "scoring_elements": "0.9292", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-2969" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=333500", "reference_id": "333500", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=333500" }, { "reference_url": "https://usn.ubuntu.com/204-1/", "reference_id": "USN-204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201233?format=api", "purl": "pkg:deb/debian/openssl@0.9.8-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-2969" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a2t8-3nan-2yet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31565?format=api", "vulnerability_id": "VCID-a653-rk4h-bfbx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0112", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.76254", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0112" }, { "reference_url": "https://security.gentoo.org/glsa/200403-03", "reference_id": "GLSA-200403-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200403-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201229?format=api", "purl": "pkg:deb/debian/openssl@0.9.7d-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.7d-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-0112" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a653-rk4h-bfbx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/325435?format=api", "vulnerability_id": "VCID-a6ex-h8k7-8fbx", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28387.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28387.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.14071", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28387" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/openssl/openssl/commit/07e727d304746edb49a98ee8f6ab00256e1f012b", "reference_id": "07e727d304746edb49a98ee8f6ab00256e1f012b", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/" } ], "url": "https://github.com/openssl/openssl/commit/07e727d304746edb49a98ee8f6ab00256e1f012b" }, { "reference_url": "https://openssl-library.org/news/secadv/20260407.txt", "reference_id": "20260407.txt", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/" } ], "url": "https://openssl-library.org/news/secadv/20260407.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451098", "reference_id": "2451098", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451098" }, { "reference_url": "https://github.com/openssl/openssl/commit/258a8f63b26995ba357f4326da00e19e29c6acbe", "reference_id": "258a8f63b26995ba357f4326da00e19e29c6acbe", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/" } ], "url": "https://github.com/openssl/openssl/commit/258a8f63b26995ba357f4326da00e19e29c6acbe" }, { "reference_url": "https://github.com/openssl/openssl/commit/444958deaf450aea819171f97ae69eaedede42c3", "reference_id": "444958deaf450aea819171f97ae69eaedede42c3", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/" } ], "url": "https://github.com/openssl/openssl/commit/444958deaf450aea819171f97ae69eaedede42c3" }, { "reference_url": "https://github.com/openssl/openssl/commit/7a4e08cee62a728d32e60b0de89e6764339df0a7", "reference_id": "7a4e08cee62a728d32e60b0de89e6764339df0a7", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/" } ], "url": "https://github.com/openssl/openssl/commit/7a4e08cee62a728d32e60b0de89e6764339df0a7" }, { "reference_url": "https://github.com/openssl/openssl/commit/ec03fa050b3346997ed9c5fef3d0e16ad7db8177", "reference_id": "ec03fa050b3346997ed9c5fef3d0e16ad7db8177", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/" } ], "url": "https://github.com/openssl/openssl/commit/ec03fa050b3346997ed9c5fef3d0e16ad7db8177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/8155-1/", "reference_id": "USN-8155-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8155-1/" }, { "reference_url": "https://usn.ubuntu.com/8155-2/", "reference_id": "USN-8155-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8155-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201350?format=api", "purl": "pkg:deb/debian/openssl@3.0.19-1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.19-1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201349?format=api", "purl": "pkg:deb/debian/openssl@3.5.5-1~deb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-28387" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a6ex-h8k7-8fbx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66636?format=api", "vulnerability_id": "VCID-a9qw-s1ff-pbav", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2939", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10272", "scoring_system": "epss", "scoring_elements": "0.93288", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2939" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594415", "reference_id": "594415", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594415" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34427.txt", "reference_id": "CVE-2010-2939;OSVDB-66946", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34427.txt" }, { "reference_url": "https://www.securityfocus.com/bid/42306/info", "reference_id": "CVE-2010-2939;OSVDB-66946", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/42306/info" }, { "reference_url": "https://security.gentoo.org/glsa/201110-01", "reference_id": "GLSA-201110-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-01" }, { "reference_url": "https://usn.ubuntu.com/1003-1/", "reference_id": "USN-1003-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1003-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201254?format=api", "purl": "pkg:deb/debian/openssl@0.9.8o-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8o-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-2939" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a9qw-s1ff-pbav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84515?format=api", "vulnerability_id": "VCID-ab26-rnmv-1qdy", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0160", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.94464", "scoring_system": "epss", "scoring_elements": "0.99996", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0160" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160" }, { "reference_url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html", "reference_id": "000184.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html" }, { "reference_url": "http://www.securitytracker.com/id/1030026", "reference_id": "1030026", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.securitytracker.com/id/1030026" }, { "reference_url": "http://www.securitytracker.com/id/1030074", "reference_id": "1030074", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.securitytracker.com/id/1030074" }, { "reference_url": "http://www.securitytracker.com/id/1030077", "reference_id": "1030077", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.securitytracker.com/id/1030077" }, { "reference_url": "http://www.securitytracker.com/id/1030078", "reference_id": "1030078", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.securitytracker.com/id/1030078" }, { "reference_url": "http://www.securitytracker.com/id/1030079", "reference_id": "1030079", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.securitytracker.com/id/1030079" }, { "reference_url": "http://www.securitytracker.com/id/1030080", "reference_id": "1030080", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.securitytracker.com/id/1030080" }, { "reference_url": "http://www.securitytracker.com/id/1030081", "reference_id": "1030081", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.securitytracker.com/id/1030081" }, { "reference_url": "http://www.securitytracker.com/id/1030082", "reference_id": "1030082", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.securitytracker.com/id/1030082" }, { "reference_url": "https://gist.github.com/chapmajs/10473815", "reference_id": "10473815", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "https://gist.github.com/chapmajs/10473815" }, { "reference_url": "http://seclists.org/fulldisclosure/2014/Apr/109", "reference_id": "109", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://seclists.org/fulldisclosure/2014/Apr/109" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html", "reference_id": "131221.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html", "reference_id": "131291.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html", "reference_id": "136473.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html" }, { "reference_url": "http://seclists.org/fulldisclosure/2014/Apr/173", "reference_id": "173", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://seclists.org/fulldisclosure/2014/Apr/173" }, { "reference_url": "http://seclists.org/fulldisclosure/2014/Apr/190", "reference_id": "190", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://seclists.org/fulldisclosure/2014/Apr/190" }, { "reference_url": "http://www.exploit-db.com/exploits/32745", "reference_id": "32745", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.exploit-db.com/exploits/32745" }, { "reference_url": "http://www.exploit-db.com/exploits/32764", "reference_id": "32764", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.exploit-db.com/exploits/32764" }, { "reference_url": "http://secunia.com/advisories/57347", "reference_id": "57347", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://secunia.com/advisories/57347" }, { "reference_url": "http://secunia.com/advisories/57483", "reference_id": "57483", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://secunia.com/advisories/57483" }, { "reference_url": "http://secunia.com/advisories/57721", "reference_id": "57721", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://secunia.com/advisories/57721" }, { "reference_url": "http://secunia.com/advisories/57836", "reference_id": "57836", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://secunia.com/advisories/57836" }, { "reference_url": "http://secunia.com/advisories/57966", "reference_id": "57966", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://secunia.com/advisories/57966" }, { "reference_url": "http://secunia.com/advisories/57968", "reference_id": "57968", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://secunia.com/advisories/57968" }, { "reference_url": "http://secunia.com/advisories/59139", "reference_id": "59139", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://secunia.com/advisories/59139" }, { "reference_url": "http://secunia.com/advisories/59243", "reference_id": "59243", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://secunia.com/advisories/59243" }, { "reference_url": "http://secunia.com/advisories/59347", "reference_id": "59347", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://secunia.com/advisories/59347" }, { "reference_url": "http://www.securityfocus.com/bid/66690", "reference_id": "66690", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.securityfocus.com/bid/66690" }, { "reference_url": "http://www.kb.cert.org/vuls/id/720951", "reference_id": "720951", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.kb.cert.org/vuls/id/720951" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743883", "reference_id": "743883", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743883" }, { "reference_url": "http://seclists.org/fulldisclosure/2014/Apr/90", "reference_id": "90", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://seclists.org/fulldisclosure/2014/Apr/90" }, { "reference_url": "http://seclists.org/fulldisclosure/2014/Apr/91", "reference_id": "91", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://seclists.org/fulldisclosure/2014/Apr/91" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", "reference_id": "advisories?name=MDVSA-2015:062", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062" }, { "reference_url": "http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/", "reference_id": "chef-server-11-0-12-release", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/" }, { "reference_url": "http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/", "reference_id": "chef-server-heartbleed-cve-2014-0160-releases", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/" }, { "reference_url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed", "reference_id": "cisco-sa-20140409-heartbleed", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed" }, { "reference_url": "http://support.citrix.com/article/CTX140605", "reference_id": "CTX140605", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://support.citrix.com/article/CTX140605" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32764.py", "reference_id": "CVE-2014-0346;CVE-2014-0160;OSVDB-105465", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32764.py" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32791.c", "reference_id": "CVE-2014-0346;CVE-2014-0160;OSVDB-105465", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32791.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32998.c", "reference_id": "CVE-2014-0346;CVE-2014-0160;OSVDB-105465", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32998.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32745.py", "reference_id": "CVE-2014-0346;OSVDB-105465;CVE-2014-0160", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32745.py" }, { "reference_url": "https://code.google.com/p/mod-spdy/issues/detail?id=85", "reference_id": "detail?id=85", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "https://code.google.com/p/mod-spdy/issues/detail?id=85" }, { "reference_url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00", "reference_id": "detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", "reference_id": "docview.wss?uid=isg400001841", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", "reference_id": "docview.wss?uid=isg400001843", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661", "reference_id": "docview.wss?uid=ssg1S1004661", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670161", "reference_id": "docview.wss?uid=swg21670161", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670161" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2896", "reference_id": "dsa-2896", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.debian.org/security/2014/dsa-2896" }, { "reference_url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/", "reference_id": "enterprise-chef-1-4-9-release", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/" }, { "reference_url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E", "reference_id": "f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01", "reference_id": "files?p_Doc_Ref=SEVD%202014-119-01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01" }, { "reference_url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-1", "reference_id": "fsc-2014-1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-1" }, { "reference_url": "https://security.gentoo.org/glsa/201404-07", "reference_id": "GLSA-201404-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201404-07" }, { "reference_url": "https://security.gentoo.org/glsa/201412-11", "reference_id": "GLSA-201412-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-11" }, { "reference_url": "http://heartbleed.com/", "reference_id": "heartbleed.com", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://heartbleed.com/" }, { "reference_url": "https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html", "reference_id": "heartbleed-hearts-continue-to-bleed.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html" }, { "reference_url": "http://www.blackberry.com/btsc/KB35882", "reference_id": "KB35882", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.blackberry.com/btsc/KB35882" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139722163017074&w=2", "reference_id": "?l=bugtraq&m=139722163017074&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139722163017074&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139757726426985&w=2", "reference_id": "?l=bugtraq&m=139757726426985&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139757726426985&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139757819327350&w=2", "reference_id": "?l=bugtraq&m=139757819327350&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139757819327350&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139757919027752&w=2", "reference_id": "?l=bugtraq&m=139757919027752&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139757919027752&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139758572430452&w=2", "reference_id": "?l=bugtraq&m=139758572430452&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139758572430452&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139765756720506&w=2", "reference_id": "?l=bugtraq&m=139765756720506&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139765756720506&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139774054614965&w=2", "reference_id": "?l=bugtraq&m=139774054614965&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139774054614965&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139774703817488&w=2", "reference_id": "?l=bugtraq&m=139774703817488&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139774703817488&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139808058921905&w=2", "reference_id": "?l=bugtraq&m=139808058921905&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139808058921905&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139817685517037&w=2", "reference_id": "?l=bugtraq&m=139817685517037&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139817685517037&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139817727317190&w=2", "reference_id": "?l=bugtraq&m=139817727317190&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139817727317190&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139817782017443&w=2", "reference_id": "?l=bugtraq&m=139817782017443&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139817782017443&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139824923705461&w=2", "reference_id": "?l=bugtraq&m=139824923705461&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139824923705461&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139824993005633&w=2", "reference_id": "?l=bugtraq&m=139824993005633&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139824993005633&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139833395230364&w=2", "reference_id": "?l=bugtraq&m=139833395230364&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139833395230364&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139835815211508&w=2", "reference_id": "?l=bugtraq&m=139835815211508&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139835815211508&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139835844111589&w=2", "reference_id": "?l=bugtraq&m=139835844111589&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139835844111589&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139836085512508&w=2", "reference_id": "?l=bugtraq&m=139836085512508&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139836085512508&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139842151128341&w=2", "reference_id": "?l=bugtraq&m=139842151128341&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139842151128341&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139843768401936&w=2", "reference_id": "?l=bugtraq&m=139843768401936&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139843768401936&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139869720529462&w=2", "reference_id": "?l=bugtraq&m=139869720529462&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139869720529462&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139869891830365&w=2", "reference_id": "?l=bugtraq&m=139869891830365&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139869891830365&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139889113431619&w=2", "reference_id": "?l=bugtraq&m=139889113431619&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139889113431619&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139889295732144&w=2", "reference_id": "?l=bugtraq&m=139889295732144&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139889295732144&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139905202427693&w=2", "reference_id": "?l=bugtraq&m=139905202427693&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139905202427693&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139905243827825&w=2", "reference_id": "?l=bugtraq&m=139905243827825&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139905243827825&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139905295427946&w=2", "reference_id": "?l=bugtraq&m=139905295427946&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139905295427946&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139905351928096&w=2", "reference_id": "?l=bugtraq&m=139905351928096&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139905351928096&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139905405728262&w=2", "reference_id": "?l=bugtraq&m=139905405728262&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139905405728262&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139905458328378&w=2", "reference_id": "?l=bugtraq&m=139905458328378&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139905458328378&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139905653828999&w=2", "reference_id": "?l=bugtraq&m=139905653828999&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139905653828999&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139905868529690&w=2", "reference_id": "?l=bugtraq&m=139905868529690&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=139905868529690&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=140015787404650&w=2", "reference_id": "?l=bugtraq&m=140015787404650&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=140015787404650&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=140075368411126&w=2", "reference_id": "?l=bugtraq&m=140075368411126&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=140075368411126&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=140724451518351&w=2", "reference_id": "?l=bugtraq&m=140724451518351&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=140724451518351&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=140752315422991&w=2", "reference_id": "?l=bugtraq&m=140752315422991&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=140752315422991&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141287864628122&w=2", "reference_id": "?l=bugtraq&m=141287864628122&w=2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141287864628122&w=2" }, { "reference_url": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf", "reference_id": "mdm_1.5.2.1_Release_Notes.pdf", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf" }, { "reference_url": "http://advisories.mageia.org/MGASA-2014-0165.html", "reference_id": "MGASA-2014-0165.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://advisories.mageia.org/MGASA-2014-0165.html" }, { "reference_url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008", "reference_id": "mitel-product-security-advisory-17-0008", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html", "reference_id": "msg00004.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html", "reference_id": "msg00061.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html" }, { "reference_url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1", "reference_id": "NVD_Detail_Rpt.aspx?ID=1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1" }, { "reference_url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3", "reference_id": "NVD_Detail_Rpt.aspx?ID=3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3" }, { "reference_url": "https://blog.torproject.org/blog/openssl-bug-cve-2014-0160", "reference_id": "openssl-bug-cve-2014-0160", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "https://blog.torproject.org/blog/openssl-bug-cve-2014-0160" }, { "reference_url": "http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/", "reference_id": "openssl-heartbleed-bug-live-blog", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html", "reference_id": "opensslheartbleedcve-2014-0160-2188454.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html" }, { "reference_url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3", "reference_id": "?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3" }, { "reference_url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E", "reference_id": "re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "http://www.kerio.com/support/kerio-control/release-history", "reference_id": "release-history", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.kerio.com/support/kerio-control/release-history" }, { "reference_url": "http://cogentdatahub.com/ReleaseNotes.html", "reference_id": "ReleaseNotes.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://cogentdatahub.com/ReleaseNotes.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-0376.html", "reference_id": "RHSA-2014-0376.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0376.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-0377.html", "reference_id": "RHSA-2014-0377.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0377.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-0378.html", "reference_id": "RHSA-2014-0378.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0378.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-0396.html", "reference_id": "RHSA-2014-0396.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0396.html" }, { "reference_url": "https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd", "reference_id": "ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd" }, { "reference_url": "http://www.openssl.org/news/secadv_20140407.txt", "reference_id": "secadv_20140407.txt", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.openssl.org/news/secadv_20140407.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084875", "reference_id": "show_bug.cgi?id=1084875", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084875" }, { "reference_url": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", "reference_id": "SJHN-7RKGNM_R4_EN.pdf", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf" }, { "reference_url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html", "reference_id": "sol15159.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html" }, { "reference_url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217", "reference_id": "sol15159.html?sr=36517217", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217" }, { "reference_url": "http://www.splunk.com/view/SP-CAAAMB3", "reference_id": "SP-CAAAMB3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.splunk.com/view/SP-CAAAMB3" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf", "reference_id": "ssa-635659.pdf", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf" }, { "reference_url": "http://www.us-cert.gov/ncas/alerts/TA14-098A", "reference_id": "TA14-098A", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.us-cert.gov/ncas/alerts/TA14-098A" }, { "reference_url": "https://usn.ubuntu.com/2165-1/", "reference_id": "USN-2165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2165-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2165-1", "reference_id": "USN-2165-1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2165-1" }, { "reference_url": "https://filezilla-project.org/versions.php?type=server", "reference_id": "versions.php?type=server", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "https://filezilla-project.org/versions.php?type=server" }, { "reference_url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", "reference_id": "Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0" }, { "reference_url": "https://www.cert.fi/en/reports/2014/vulnerability788210.html", "reference_id": "vulnerability788210.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:32:34Z/" } ], "url": "https://www.cert.fi/en/reports/2014/vulnerability788210.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201269?format=api", "purl": "pkg:deb/debian/openssl@1.0.1g-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1g-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-0160" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ab26-rnmv-1qdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30480?format=api", "vulnerability_id": "VCID-absf-6cjb-vuhw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0544", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.26187", "scoring_system": "epss", "scoring_elements": "0.96386", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0544" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201228?format=api", "purl": "pkg:deb/debian/openssl@0.9.7c?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.7c%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2003-0544" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-absf-6cjb-vuhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87374?format=api", "vulnerability_id": "VCID-ad6r-2393-aye4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.93538", "scoring_system": "epss", "scoring_elements": "0.99837", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1592", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1592" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1593" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1594", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1594" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", "reference_id": "0101.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "reference_url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7", "reference_id": "1015-security-advisory-7", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7" }, { "reference_url": "http://www.securitytracker.com/id/1031029", "reference_id": "1031029", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031029" }, { "reference_url": "http://www.securitytracker.com/id/1031039", "reference_id": "1031039", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031039" }, { "reference_url": "http://www.securitytracker.com/id/1031085", "reference_id": "1031085", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031085" }, { "reference_url": "http://www.securitytracker.com/id/1031086", "reference_id": "1031086", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031086" }, { "reference_url": "http://www.securitytracker.com/id/1031087", "reference_id": "1031087", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031087" }, { "reference_url": "http://www.securitytracker.com/id/1031088", "reference_id": "1031088", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031088" }, { "reference_url": "http://www.securitytracker.com/id/1031089", "reference_id": "1031089", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031089" }, { "reference_url": "http://www.securitytracker.com/id/1031090", "reference_id": "1031090", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031090" }, { "reference_url": "http://www.securitytracker.com/id/1031091", "reference_id": "1031091", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031091" }, { "reference_url": "http://www.securitytracker.com/id/1031092", "reference_id": "1031092", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031092" }, { "reference_url": "http://www.securitytracker.com/id/1031093", "reference_id": "1031093", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031093" }, { "reference_url": "http://www.securitytracker.com/id/1031094", "reference_id": "1031094", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031094" }, { "reference_url": "http://www.securitytracker.com/id/1031095", "reference_id": "1031095", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031095" }, { "reference_url": "http://www.securitytracker.com/id/1031096", "reference_id": "1031096", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031096" }, { "reference_url": "http://www.securitytracker.com/id/1031105", "reference_id": "1031105", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031105" }, { "reference_url": "http://www.securitytracker.com/id/1031106", "reference_id": "1031106", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031106" }, { "reference_url": "http://www.securitytracker.com/id/1031107", "reference_id": "1031107", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031107" }, { "reference_url": "http://www.securitytracker.com/id/1031120", "reference_id": "1031120", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031120" }, { "reference_url": "http://www.securitytracker.com/id/1031123", "reference_id": "1031123", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031123" }, { "reference_url": "http://www.securitytracker.com/id/1031124", "reference_id": "1031124", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031124" }, { "reference_url": "http://www.securitytracker.com/id/1031130", "reference_id": "1031130", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031130" }, { "reference_url": "http://www.securitytracker.com/id/1031131", "reference_id": "1031131", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031131" }, { "reference_url": "http://www.securitytracker.com/id/1031132", "reference_id": "1031132", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031132" }, { "reference_url": "https://access.redhat.com/articles/1232123", "reference_id": "1232123", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://access.redhat.com/articles/1232123" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html", "reference_id": "141114.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html", "reference_id": "141158.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html", "reference_id": "142330.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html", "reference_id": "169361.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html", "reference_id": "169374.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html" }, { "reference_url": "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html", "reference_id": "2014-10-14-how-poodle-happened.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html" }, { "reference_url": "https://technet.microsoft.com/library/security/3009008.aspx", "reference_id": "3009008.aspx", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://technet.microsoft.com/library/security/3009008.aspx" }, { "reference_url": "http://www.securityfocus.com/archive/1/533746", "reference_id": "533746", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securityfocus.com/archive/1/533746" }, { "reference_url": "http://www.securityfocus.com/archive/1/533747", "reference_id": "533747", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securityfocus.com/archive/1/533747" }, { "reference_url": "http://www.kb.cert.org/vuls/id/577193", "reference_id": "577193", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.kb.cert.org/vuls/id/577193" }, { "reference_url": "http://secunia.com/advisories/59627", "reference_id": "59627", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/59627" }, { "reference_url": "http://secunia.com/advisories/60056", "reference_id": "60056", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/60056" }, { "reference_url": "http://secunia.com/advisories/60206", "reference_id": "60206", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/60206" }, { "reference_url": "http://secunia.com/advisories/60792", "reference_id": "60792", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/60792" }, { "reference_url": "http://secunia.com/advisories/60859", "reference_id": "60859", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/60859" }, { "reference_url": "http://secunia.com/advisories/61019", "reference_id": "61019", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61019" }, { "reference_url": "http://secunia.com/advisories/61130", "reference_id": "61130", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61130" }, { "reference_url": "http://secunia.com/advisories/61303", "reference_id": "61303", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61303" }, { "reference_url": "http://secunia.com/advisories/61316", "reference_id": "61316", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61316" }, { "reference_url": "http://secunia.com/advisories/61345", "reference_id": "61345", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61345" }, { "reference_url": "http://secunia.com/advisories/61359", "reference_id": "61359", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61359" }, { "reference_url": "http://secunia.com/advisories/61782", "reference_id": "61782", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61782" }, { "reference_url": "http://secunia.com/advisories/61810", "reference_id": "61810", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61810" }, { "reference_url": "http://secunia.com/advisories/61819", "reference_id": "61819", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61819" }, { "reference_url": "http://secunia.com/advisories/61825", "reference_id": "61825", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61825" }, { "reference_url": "http://secunia.com/advisories/61827", "reference_id": "61827", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61827" }, { "reference_url": "http://secunia.com/advisories/61926", "reference_id": "61926", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61926" }, { "reference_url": "http://secunia.com/advisories/61995", "reference_id": "61995", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61995" }, { "reference_url": "http://www.securityfocus.com/bid/70574", "reference_id": "70574", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securityfocus.com/bid/70574" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765539", "reference_id": "765539", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765539" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765702", "reference_id": "765702", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765702" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768164", "reference_id": "768164", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768164" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769904", "reference_id": "769904", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769904" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771359", "reference_id": "771359", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771359" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:203", "reference_id": "advisories?name=MDVSA-2014:203", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:203" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", "reference_id": "advisories?name=MDVSA-2015:062", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062" }, { "reference_url": "http://downloads.asterisk.org/pub/security/AST-2014-011.html", "reference_id": "AST-2014-011.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://downloads.asterisk.org/pub/security/AST-2014-011.html" }, { "reference_url": "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html", "reference_id": "attack-of-week-poodle.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html" }, { "reference_url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle", "reference_id": "cisco-sa-20141015-poodle", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle" }, { "reference_url": "http://support.citrix.com/article/CTX200238", "reference_id": "CTX200238", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://support.citrix.com/article/CTX200238" }, { "reference_url": "https://support.citrix.com/article/CTX216642", "reference_id": "CTX216642", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.citrix.com/article/CTX216642" }, { "reference_url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html", "reference_id": "CVE-2014-3566.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html" }, { "reference_url": "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip", "reference_id": "cve-2014-3566-removing-sslv3-from-big-ip", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip" }, { "reference_url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581", "reference_id": "display?docId=emr_na-c04583581", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581" }, { "reference_url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034", "reference_id": "display?docId=emr_na-c04779034", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635", "reference_id": "docDisplay?docId=emr_na-c04819635", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681", "reference_id": "docDisplay?docId=emr_na-c05068681", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667", "reference_id": "docDisplay?docId=emr_na-c05157667", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", "reference_id": "docDisplay?docId=emr_na-c05301946", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946" }, { "reference_url": "https://www.suse.com/support/kb/doc.php?id=7015773", "reference_id": "doc.php?id=7015773", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www.suse.com/support/kb/doc.php?id=7015773" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431", "reference_id": "docview.wss?uid=isg3T1021431", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439", "reference_id": "docview.wss?uid=isg3T1021439", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997", "reference_id": "docview.wss?uid=swg21686997", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172", "reference_id": "docview.wss?uid=swg21687172", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687611", "reference_id": "docview.wss?uid=swg21687611", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687611" }, { "reference_url": "https://www-01.ibm.com/support/docview.wss?uid=swg21688165", "reference_id": "docview.wss?uid=swg21688165", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21688165" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283", "reference_id": "docview.wss?uid=swg21688283", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299", "reference_id": "docview.wss?uid=swg21692299", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3053", "reference_id": "dsa-3053", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.debian.org/security/2014/dsa-3053" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3144", "reference_id": "dsa-3144", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3144" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3147", "reference_id": "dsa-3147", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3147" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3489", "reference_id": "dsa-3489", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.debian.org/security/2016/dsa-3489" }, { "reference_url": "https://security.gentoo.org/glsa/201411-10", "reference_id": "GLSA-201411-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201411-10" }, { "reference_url": "https://security.gentoo.org/glsa/201507-14", "reference_id": "GLSA-201507-14", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://security.gentoo.org/glsa/201507-14" }, { "reference_url": "https://security.gentoo.org/glsa/201606-11", "reference_id": "GLSA-201606-11", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://security.gentoo.org/glsa/201606-11" }, { "reference_url": "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566", "reference_id": "how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566" }, { "reference_url": "http://support.apple.com/HT204244", "reference_id": "HT204244", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://support.apple.com/HT204244" }, { "reference_url": "https://support.apple.com/kb/HT6527", "reference_id": "HT6527", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.apple.com/kb/HT6527" }, { "reference_url": "https://support.apple.com/kb/HT6529", "reference_id": "HT6529", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.apple.com/kb/HT6529" }, { "reference_url": "https://support.apple.com/kb/HT6531", "reference_id": "HT6531", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.apple.com/kb/HT6531" }, { "reference_url": "https://support.apple.com/kb/HT6535", "reference_id": "HT6535", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.apple.com/kb/HT6535" }, { "reference_url": "https://support.apple.com/kb/HT6541", "reference_id": "HT6541", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.apple.com/kb/HT6541" }, { "reference_url": "https://support.apple.com/kb/HT6542", "reference_id": "HT6542", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.apple.com/kb/HT6542" }, { "reference_url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm", "reference_id": "hw-405500.htm", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm" }, { "reference_url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", "reference_id": "ICSMA-18-058-02", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02" }, { "reference_url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", "reference_id": "index?page=content&id=JSA10705", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10090", "reference_id": "index?page=content&id=SB10090", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10090" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10091", "reference_id": "index?page=content&id=SB10091", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10091" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10104", "reference_id": "index?page=content&id=SB10104", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10104" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141450452204552&w=2", "reference_id": "?l=bugtraq&m=141450452204552&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141450452204552&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141450973807288&w=2", "reference_id": "?l=bugtraq&m=141450973807288&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141450973807288&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141477196830952&w=2", "reference_id": "?l=bugtraq&m=141477196830952&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141477196830952&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141576815022399&w=2", "reference_id": "?l=bugtraq&m=141576815022399&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141576815022399&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141577087123040&w=2", "reference_id": "?l=bugtraq&m=141577087123040&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141577087123040&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141577350823734&w=2", "reference_id": "?l=bugtraq&m=141577350823734&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141577350823734&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141620103726640&w=2", "reference_id": "?l=bugtraq&m=141620103726640&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141620103726640&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141628688425177&w=2", "reference_id": "?l=bugtraq&m=141628688425177&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141628688425177&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141694355519663&w=2", "reference_id": "?l=bugtraq&m=141694355519663&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141694355519663&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141697638231025&w=2", "reference_id": "?l=bugtraq&m=141697638231025&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141697638231025&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141697676231104&w=2", "reference_id": "?l=bugtraq&m=141697676231104&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141697676231104&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141703183219781&w=2", "reference_id": "?l=bugtraq&m=141703183219781&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141703183219781&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141715130023061&w=2", "reference_id": "?l=bugtraq&m=141715130023061&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141715130023061&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141775427104070&w=2", "reference_id": "?l=bugtraq&m=141775427104070&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141775427104070&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141813976718456&w=2", "reference_id": "?l=bugtraq&m=141813976718456&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141813976718456&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141814011518700&w=2", "reference_id": "?l=bugtraq&m=141814011518700&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141814011518700&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141879378918327&w=2", "reference_id": "?l=bugtraq&m=141879378918327&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141879378918327&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142103967620673&w=2", "reference_id": "?l=bugtraq&m=142103967620673&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142103967620673&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142118135300698&w=2", "reference_id": "?l=bugtraq&m=142118135300698&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142118135300698&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142296755107581&w=2", "reference_id": "?l=bugtraq&m=142296755107581&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142296755107581&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142350196615714&w=2", "reference_id": "?l=bugtraq&m=142350196615714&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142350196615714&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142350298616097&w=2", "reference_id": "?l=bugtraq&m=142350298616097&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142350298616097&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142350743917559&w=2", "reference_id": "?l=bugtraq&m=142350743917559&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142350743917559&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142354438527235&w=2", "reference_id": "?l=bugtraq&m=142354438527235&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142354438527235&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142357976805598&w=2", "reference_id": "?l=bugtraq&m=142357976805598&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142357976805598&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142495837901899&w=2", "reference_id": "?l=bugtraq&m=142495837901899&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142495837901899&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142496355704097&w=2", "reference_id": "?l=bugtraq&m=142496355704097&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142496355704097&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142546741516006&w=2", "reference_id": "?l=bugtraq&m=142546741516006&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142546741516006&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142607790919348&w=2", "reference_id": "?l=bugtraq&m=142607790919348&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142607790919348&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624590206005&w=2", "reference_id": "?l=bugtraq&m=142624590206005&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142624590206005&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624619906067", "reference_id": "?l=bugtraq&m=142624619906067", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142624619906067" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624619906067&w=2", "reference_id": "?l=bugtraq&m=142624619906067&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142624619906067&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624679706236&w=2", "reference_id": "?l=bugtraq&m=142624679706236&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142624679706236&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624719706349&w=2", "reference_id": "?l=bugtraq&m=142624719706349&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142624719706349&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142721830231196&w=2", "reference_id": "?l=bugtraq&m=142721830231196&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142721830231196&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142721887231400&w=2", "reference_id": "?l=bugtraq&m=142721887231400&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142721887231400&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142740155824959&w=2", "reference_id": "?l=bugtraq&m=142740155824959&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142740155824959&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142791032306609&w=2", "reference_id": "?l=bugtraq&m=142791032306609&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142791032306609&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142804214608580&w=2", "reference_id": "?l=bugtraq&m=142804214608580&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142804214608580&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142805027510172&w=2", "reference_id": "?l=bugtraq&m=142805027510172&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142805027510172&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142962817202793&w=2", "reference_id": "?l=bugtraq&m=142962817202793&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142962817202793&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143039249603103&w=2", "reference_id": "?l=bugtraq&m=143039249603103&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143039249603103&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143101048219218&w=2", "reference_id": "?l=bugtraq&m=143101048219218&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143101048219218&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143290371927178&w=2", "reference_id": "?l=bugtraq&m=143290371927178&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143290371927178&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143290437727362&w=2", "reference_id": "?l=bugtraq&m=143290437727362&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143290437727362&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143290522027658&w=2", "reference_id": "?l=bugtraq&m=143290522027658&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143290522027658&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143290583027876&w=2", "reference_id": "?l=bugtraq&m=143290583027876&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143290583027876&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143558137709884&w=2", "reference_id": "?l=bugtraq&m=143558137709884&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143558137709884&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143558192010071&w=2", "reference_id": "?l=bugtraq&m=143558192010071&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143558192010071&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143628269912142&w=2", "reference_id": "?l=bugtraq&m=143628269912142&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143628269912142&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144101915224472&w=2", "reference_id": "?l=bugtraq&m=144101915224472&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144101915224472&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144251162130364&w=2", "reference_id": "?l=bugtraq&m=144251162130364&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144251162130364&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144294141001552&w=2", "reference_id": "?l=bugtraq&m=144294141001552&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144294141001552&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=145983526810210&w=2", "reference_id": "?l=bugtraq&m=145983526810210&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=145983526810210&w=2" }, { "reference_url": "http://marc.info/?l=openssl-dev&m=141333049205629&w=2", "reference_id": "?l=openssl-dev&m=141333049205629&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=openssl-dev&m=141333049205629&w=2" }, { "reference_url": "http://advisories.mageia.org/MGASA-2014-0416.html", "reference_id": "MGASA-2014-0416.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://advisories.mageia.org/MGASA-2014-0416.html" }, { "reference_url": "http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf", "reference_id": "MOVEitReleaseNotes82.pdf", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html", "reference_id": "msg00002.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html", "reference_id": "msg00021.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html", "reference_id": "msg00024.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html", "reference_id": "msg00026.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html", "reference_id": "msg00027.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html", "reference_id": "msg00027.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html", "reference_id": "msg00033.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html", "reference_id": "msg00036.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html", "reference_id": "msg00066.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html" }, { "reference_url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6", "reference_id": "multiple_vulnerabilities_in_openssl6", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6" }, { "reference_url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc", "reference_id": "NetBSD-SA2014-015.txt.asc", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc" }, { "reference_url": "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/", "reference_id": "node-v0-10-33-stable", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20141015-0001/", "reference_id": "ntap-20141015-0001", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20141015-0001/" }, { "reference_url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc", "reference_id": "openssl_advisory11.asc", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc" }, { "reference_url": "https://support.lenovo.com/product_security/poodle", "reference_id": "poodle", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.lenovo.com/product_security/poodle" }, { "reference_url": "https://support.lenovo.com/us/en/product_security/poodle", "reference_id": "poodle", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.lenovo.com/us/en/product_security/poodle" }, { "reference_url": "https://www.imperialviolet.org/2014/10/14/poodle.html", "reference_id": "poodle.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www.imperialviolet.org/2014/10/14/poodle.html" }, { "reference_url": "https://github.com/mpgn/poodle-PoC", "reference_id": "poodle-PoC", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://github.com/mpgn/poodle-PoC" }, { "reference_url": "https://puppet.com/security/cve/poodle-sslv3-vulnerability", "reference_id": "poodle-sslv3-vulnerability", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://puppet.com/security/cve/poodle-sslv3-vulnerability" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1652.html", "reference_id": "RHSA-2014-1652.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1652.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1653.html", "reference_id": "RHSA-2014-1653.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1653.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1692.html", "reference_id": "RHSA-2014-1692.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1692.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html", "reference_id": "RHSA-2014-1876.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html", "reference_id": "RHSA-2014-1877.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html", "reference_id": "RHSA-2014-1880.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html", "reference_id": "RHSA-2014-1881.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html", "reference_id": "RHSA-2014-1882.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1920.html", "reference_id": "RHSA-2014-1920.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1920.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1948.html", "reference_id": "RHSA-2014-1948.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1948.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html", "reference_id": "RHSA-2015-0068.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html", "reference_id": "RHSA-2015-0079.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html", "reference_id": "RHSA-2015-0080.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html", "reference_id": "RHSA-2015-0085.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html", "reference_id": "RHSA-2015-0086.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html", "reference_id": "RHSA-2015-0264.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html", "reference_id": "RHSA-2015-0698.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1545.html", "reference_id": "RHSA-2015-1545.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1545.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1546.html", "reference_id": "RHSA-2015-1546.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1546.html" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa83", "reference_id": "sa83", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://bto.bluecoat.com/security-advisory/sa83" }, { "reference_url": "https://www.openssl.org/news/secadv_20141015.txt", "reference_id": "secadv_20141015.txt", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www.openssl.org/news/secadv_20141015.txt" }, { "reference_url": "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx", "reference_id": "security-advisory-3009008-released.aspx", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983", "reference_id": "show_bug.cgi?id=1076983", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152789", "reference_id": "show_bug.cgi?id=1152789", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152789" }, { "reference_url": "https://www.openssl.org/~bodo/ssl-poodle.pdf", "reference_id": "ssl-poodle.pdf", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www.openssl.org/~bodo/ssl-poodle.pdf" }, { "reference_url": "http://www.us-cert.gov/ncas/alerts/TA14-290A", "reference_id": "TA14-290A", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.us-cert.gov/ncas/alerts/TA14-290A" }, { "reference_url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/", "reference_id": "the-poodle-attack-and-the-end-of-ssl-3-0", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/" }, { "reference_url": "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html", "reference_id": "this-poodle-bites-exploiting-ssl-30.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/533724/100/0/threaded", "reference_id": "threaded", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securityfocus.com/archive/1/533724/100/0/threaded" }, { "reference_url": "https://usn.ubuntu.com/2486-1/", "reference_id": "USN-2486-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2486-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2486-1", "reference_id": "USN-2486-1", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2486-1" }, { "reference_url": "https://usn.ubuntu.com/2487-1/", "reference_id": "USN-2487-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2487-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2487-1", "reference_id": "USN-2487-1", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2487-1" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html", "reference_id": "VMSA-2015-0003.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html" }, { "reference_url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", "reference_id": "Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201273?format=api", "purl": "pkg:deb/debian/openssl@1.0.1j-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1j-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3566" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ad6r-2393-aye4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42879?format=api", "vulnerability_id": "VCID-aqyt-krwu-33gk", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-4339", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04479", "scoring_system": "epss", "scoring_elements": "0.89278", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-4339" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339", "reference_id": "CVE-2006-4339", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339" }, { "reference_url": "https://security.gentoo.org/glsa/200609-05", "reference_id": "GLSA-200609-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200609-05" }, { "reference_url": "https://security.gentoo.org/glsa/200610-06", "reference_id": "GLSA-200610-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200610-06" }, { "reference_url": "https://security.gentoo.org/glsa/201408-19", "reference_id": "GLSA-201408-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2006-60", "reference_id": "mfsa2006-60", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2006-60" }, { "reference_url": "https://usn.ubuntu.com/339-1/", "reference_id": "USN-339-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/339-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201235?format=api", "purl": "pkg:deb/debian/openssl@0.9.8b-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8b-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-4339" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aqyt-krwu-33gk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100816?format=api", "vulnerability_id": "VCID-at9f-6pcq-v7he", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0799", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.43537", "scoring_system": "epss", "scoring_elements": "0.97576", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2842" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201603-15", "reference_id": "GLSA-201603-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-15" }, { "reference_url": "https://usn.ubuntu.com/2914-1/", "reference_id": "USN-2914-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2914-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201281?format=api", "purl": "pkg:deb/debian/openssl@1.0.2g-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2g-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-0799" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-at9f-6pcq-v7he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30110?format=api", "vulnerability_id": "VCID-az94-39yv-7fga", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0147", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.28737", "scoring_system": "epss", "scoring_elements": "0.96623", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0147" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201227?format=api", "purl": "pkg:deb/debian/openssl@0.9.7b-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.7b-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2003-0147" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-az94-39yv-7fga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4886?format=api", "vulnerability_id": "VCID-b4xf-nw2v-qygp", "summary": "denial of service", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7054", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24759", "scoring_system": "epss", "scoring_elements": "0.96243", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7054" }, { "reference_url": "https://security.archlinux.org/AVG-143", "reference_id": "AVG-143", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-143" }, { "reference_url": "https://security.archlinux.org/AVG-144", "reference_id": "AVG-144", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-144" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/40899.py", "reference_id": "CVE-2016-7054", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/40899.py" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201286?format=api", "purl": "pkg:deb/debian/openssl@1.1.0c-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0c-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-7054" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b4xf-nw2v-qygp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/203960?format=api", "vulnerability_id": "VCID-b84d-ps4u-67g5", "summary": "", "references": [ { "reference_url": "http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3602.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3602.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3602", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.83506", "scoring_system": "epss", "scoring_elements": "0.99296", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3602" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/alexcrichton/openssl-src-rs", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/alexcrichton/openssl-src-rs" }, { "reference_url": "https://github.com/alexcrichton/openssl-src-rs/commit/4a31c14f31e1a08c18893a37e304dd1dd4b7daa3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/alexcrichton/openssl-src-rs/commit/4a31c14f31e1a08c18893a37e304dd1dd4b7daa3" }, { "reference_url": "https://github.com/openssl/openssl/commit/fe3b639dc19b325846f4f6801f2f4604f56e3de3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openssl/openssl/commit/fe3b639dc19b325846f4f6801f2f4604f56e3de3" }, { "reference_url": "https://github.com/rustsec/advisory-db/pull/1452", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rustsec/advisory-db/pull/1452" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fe3b639dc19b325846f4f6801f2f4604f56e3de3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fe3b639dc19b325846f4f6801f2f4604f56e3de3" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fe3b639dc19b325846f4f6801f2f4604f56e3de3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fe3b639dc19b325846f4f6801f2f4604f56e3de3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2022-0064.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2022-0064.html" }, { "reference_url": "https://security.gentoo.org/glsa/202211-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "https://security.gentoo.org/glsa/202211-01" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221102-0001", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20221102-0001" }, { "reference_url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a" }, { "reference_url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00789.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00789.html" }, { "reference_url": "https://www.kb.cert.org/vuls/id/794340", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "https://www.kb.cert.org/vuls/id/794340" }, { "reference_url": "https://www.openssl.org/news/secadv/20221101.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "https://www.openssl.org/news/secadv/20221101.txt" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/01/15", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/15" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/01/16", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/16" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/01/17", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/17" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/01/18", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/18" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/01/19", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/19" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/01/20", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/20" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/01/21", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/21" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/01/24", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/24" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/10", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/10" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/11" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/12", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/12" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/13", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/13" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/14", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/14" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/15", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/15" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/7" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/9", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/9" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/03/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/03/10", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/10" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/03/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/11" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/03/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/03/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/03/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/03/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/03/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/7" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/03/9", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/9" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137723", "reference_id": "2137723", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137723" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3602", "reference_id": "CVE-2022-3602", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3602" }, { "reference_url": "https://github.com/advisories/GHSA-8rwr-x37p-mx23", "reference_id": "GHSA-8rwr-x37p-mx23", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8rwr-x37p-mx23" }, { "reference_url": "https://security.gentoo.org/glsa/202405-29", "reference_id": "GLSA-202405-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7288", "reference_id": "RHSA-2022:7288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7384", "reference_id": "RHSA-2022:7384", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7384" }, { "reference_url": "https://usn.ubuntu.com/5710-1/", "reference_id": "USN-5710-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5710-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201316?format=api", "purl": "pkg:deb/debian/openssl@3.0.7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-3602", "GHSA-8rwr-x37p-mx23" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b84d-ps4u-67g5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17125?format=api", "vulnerability_id": "VCID-bf5v-rz9k-9qgh", "summary": "Improper Certificate Validation\nA security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0464.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0464.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0464", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00734", "scoring_system": "epss", "scoring_elements": "0.73077", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0464" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:32Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:32Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:32Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:32Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1" }, { "reference_url": "https://www.openssl.org/news/secadv/20230322.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:32Z/" } ], "url": "https://www.openssl.org/news/secadv/20230322.txt" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034720", "reference_id": "1034720", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034720" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181082", "reference_id": "2181082", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181082" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464", "reference_id": "CVE-2023-0464", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:32Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:32Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3722", "reference_id": "RHSA-2023:3722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7622", "reference_id": "RHSA-2023:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7623", "reference_id": "RHSA-2023:7623", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7623" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7625", "reference_id": "RHSA-2023:7625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7626", "reference_id": "RHSA-2023:7626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7626" }, { "reference_url": "https://usn.ubuntu.com/6039-1/", "reference_id": "USN-6039-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6039-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201320?format=api", "purl": "pkg:deb/debian/openssl@1.1.1n-0%2Bdeb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201319?format=api", "purl": "pkg:deb/debian/openssl@3.0.9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-0464" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bf5v-rz9k-9qgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8658?format=api", "vulnerability_id": "VCID-bkcg-64ws-afcf", "summary": "The renegotiation vulnerability in SSL protocol", "references": [ { "reference_url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html" }, { "reference_url": "http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html" }, { "reference_url": "http://blogs.iss.net/archive/sslmitmiscsrf.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://blogs.iss.net/archive/sslmitmiscsrf.html" }, { "reference_url": "http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during" }, { "reference_url": "http://clicky.me/tlsvuln", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://clicky.me/tlsvuln" }, { "reference_url": "http://extendedsubset.com/?p=8", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://extendedsubset.com/?p=8" }, { "reference_url": "http://extendedsubset.com/Renegotiating_TLS.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://extendedsubset.com/Renegotiating_TLS.pdf" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041" }, { "reference_url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751" }, { "reference_url": "http://kbase.redhat.com/faq/docs/DOC-20491", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://kbase.redhat.com/faq/docs/DOC-20491" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html" }, { "reference_url": "http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html" }, { "reference_url": "http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=126150535619567&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=bugtraq&m=126150535619567&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=127128920008563&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=bugtraq&m=127128920008563&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=127419602507642&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=bugtraq&m=127419602507642&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=132077688910227&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=bugtraq&m=132077688910227&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=133469267822771&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=bugtraq&m=133469267822771&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142660345230545&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142660345230545&w=2" }, { "reference_url": "http://marc.info/?l=cryptography&m=125752275331877&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=cryptography&m=125752275331877&w=2" }, { "reference_url": "http://openbsd.org/errata45.html#010_openssl", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://openbsd.org/errata45.html#010_openssl" }, { "reference_url": "http://openbsd.org/errata46.html#004_openssl", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://openbsd.org/errata46.html#004_openssl" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1579", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2009:1579" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1580", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2009:1580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1694", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2009:1694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0011", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0119", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0130", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0155", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0162", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0163", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0164", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0165", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0166", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0167", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0337", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0338", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0339", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0408", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0440", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0768", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0770", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0786", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0807", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0865", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0986", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0986" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0987", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0987" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0880", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2011:0880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1591", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2015:1591" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3555", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03741", "scoring_system": "epss", "scoring_elements": "0.8821", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3555" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=526689", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=526689" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=545755", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=545755" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125" }, { "reference_url": "https://bz.apache.org/bugzilla/show_bug.cgi?id=50325", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bz.apache.org/bugzilla/show_bug.cgi?id=50325" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049" }, { "reference_url": "http://seclists.org/fulldisclosure/2009/Nov/139", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://seclists.org/fulldisclosure/2009/Nov/139" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200912-01.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://security.gentoo.org/glsa/glsa-200912-01.xml" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201203-22.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://security.gentoo.org/glsa/glsa-201203-22.xml" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201406-32.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54158", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54158" }, { "reference_url": "https://github.com/apache/tomcat", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat" }, { "reference_url": "https://github.com/apache/tomcat55/commit/359c7ee17f5759cc99988e1cc9e971fe4a6ffad5", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat55/commit/359c7ee17f5759cc99988e1cc9e971fe4a6ffad5" }, { "reference_url": "https://github.com/apache/tomcat/commit/14e4efd925da58b9fa63f20969fb7349b8a9c30d", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/14e4efd925da58b9fa63f20969fb7349b8a9c30d" }, { "reference_url": "https://github.com/apache/tomcat/commit/2d4ca03acc27cc883c404d1745d92f983b6fada3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/2d4ca03acc27cc883c404d1745d92f983b6fada3" }, { "reference_url": "https://github.com/apache/tomcat/commit/30af3f5630542a2340781f66553e734a6fd69701", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/30af3f5630542a2340781f66553e734a6fd69701" }, { "reference_url": "https://github.com/apache/tomcat/commit/328a523cbb2a2d4cd55283180614d4e03e2f8f02", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/328a523cbb2a2d4cd55283180614d4e03e2f8f02" }, { "reference_url": "https://github.com/apache/tomcat/commit/3d315ac9dfaa2c03b4df82938d78bf5b755766b3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/3d315ac9dfaa2c03b4df82938d78bf5b755766b3" }, { "reference_url": "https://github.com/apache/tomcat/commit/56f67141e82e16f68a860c3af9b7342da35cbe7d", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/56f67141e82e16f68a860c3af9b7342da35cbe7d" }, { "reference_url": "https://github.com/apache/tomcat/commit/b4e9488629bf03b4b65abf335e536e85386d1366", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/b4e9488629bf03b4b65abf335e536e85386d1366" }, { "reference_url": "https://github.com/apache/tomcat/commit/df9633116b5fec8f47f1f008fb89a6e9d5895cd0", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/df9633116b5fec8f47f1f008fb89a6e9d5895cd0" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" }, { "reference_url": "https://kb.bluecoat.com/index?page=content&id=SA50", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://kb.bluecoat.com/index?page=content&id=SA50" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446" }, { "reference_url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@<dev.tomcat.apache.org>", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@<dev.tomcat.apache.org>" }, { "reference_url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@<dev.tomcat.apache.org>", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@<dev.tomcat.apache.org>" }, { "reference_url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@<dev.tomcat.apache.org>", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@<dev.tomcat.apache.org>" }, { "reference_url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@<dev.tomcat.apache.org>", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@<dev.tomcat.apache.org>" }, { "reference_url": "https://nginx.org/download/patch.cve-2009-3555.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.cve-2009-3555.txt" }, { "reference_url": "https://nginx.org/download/patch.cve-2009-3555.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.cve-2009-3555.txt.asc" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10088", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10088" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11578", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11578" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11617", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11617" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7315", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7315" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7478", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7478" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7973", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7973" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8366", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8366" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8535", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8535" }, { "reference_url": "https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html" }, { "reference_url": "https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt" }, { "reference_url": "https://tomcat.apache.org/security-5.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-5.html" }, { "reference_url": "https://tomcat.apache.org/security-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-6.html" }, { "reference_url": "https://tomcat.apache.org/security-7.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-7.html" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1" }, { "reference_url": "http://support.apple.com/kb/HT4004", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.apple.com/kb/HT4004" }, { "reference_url": "http://support.apple.com/kb/HT4170", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.apple.com/kb/HT4170" }, { "reference_url": "http://support.apple.com/kb/HT4171", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.apple.com/kb/HT4171" }, { "reference_url": "http://support.avaya.com/css/P8/documents/100070150", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.avaya.com/css/P8/documents/100070150" }, { "reference_url": "http://support.avaya.com/css/P8/documents/100081611", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.avaya.com/css/P8/documents/100081611" }, { "reference_url": "http://support.avaya.com/css/P8/documents/100114315", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.avaya.com/css/P8/documents/100114315" }, { "reference_url": "http://support.avaya.com/css/P8/documents/100114327", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.avaya.com/css/P8/documents/100114327" }, { "reference_url": "http://support.citrix.com/article/CTX123359", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.citrix.com/article/CTX123359" }, { "reference_url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES" }, { "reference_url": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html" }, { "reference_url": "http://sysoev.ru/nginx/patch.cve-2009-3555.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://sysoev.ru/nginx/patch.cve-2009-3555.txt" }, { "reference_url": "http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html" }, { "reference_url": "http://ubuntu.com/usn/usn-923-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://ubuntu.com/usn/usn-923-1" }, { "reference_url": "http://wiki.rpath.com/Advisories:rPSA-2009-0155", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0155" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21426108", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21426108" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21432298", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21432298" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg24006386", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24006386" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025312", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025312" }, { "reference_url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only" }, { "reference_url": "http://www.arubanetworks.com/support/alerts/aid-020810.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.arubanetworks.com/support/alerts/aid-020810.txt" }, { "reference_url": "http://www.betanews.com/article/1257452450", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.betanews.com/article/1257452450" }, { "reference_url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml" }, { "reference_url": "http://www.debian.org/security/2009/dsa-1934", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.debian.org/security/2009/dsa-1934" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2141", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.debian.org/security/2011/dsa-2141" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3253", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3253" }, { "reference_url": "http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html" }, { "reference_url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html" }, { "reference_url": "http://www.ietf.org/mail-archive/web/tls/current/msg03928.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.ietf.org/mail-archive/web/tls/current/msg03928.html" }, { "reference_url": "http://www.ietf.org/mail-archive/web/tls/current/msg03948.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.ietf.org/mail-archive/web/tls/current/msg03948.html" }, { "reference_url": "http://www.ingate.com/Relnote.php?ver=481", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.ingate.com/Relnote.php?ver=481" }, { "reference_url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995" }, { "reference_url": "http://www.kb.cert.org/vuls/id/120541", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.kb.cert.org/vuls/id/120541" }, { "reference_url": "http://www.links.org/?p=780", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.links.org/?p=780" }, { "reference_url": "http://www.links.org/?p=786", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.links.org/?p=786" }, { "reference_url": "http://www.links.org/?p=789", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.links.org/?p=789" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:089", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:089" }, { "reference_url": "http://www.mozilla.org/security/announce/2010/mfsa2010-22.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.mozilla.org/security/announce/2010/mfsa2010-22.html" }, { "reference_url": "http://www.openssl.org/news/secadv_20091111.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.openssl.org/news/secadv_20091111.txt" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/05/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/05/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/05/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/05/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/06/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/06/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/07/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/07/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/20/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/20/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/23/10", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/23/10" }, { "reference_url": "http://www.opera.com/docs/changelogs/unix/1060", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.opera.com/docs/changelogs/unix/1060" }, { "reference_url": "http://www.opera.com/support/search/view/944", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.opera.com/support/search/view/944" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html" }, { "reference_url": "http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0119.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0119.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0130.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0130.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0155.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0155.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0165.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0165.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0167.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0167.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0807.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0807.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html" }, { "reference_url": "http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html" }, { "reference_url": "http://www.tombom.co.uk/blog/?p=85", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.tombom.co.uk/blog/?p=85" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1010-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.ubuntu.com/usn/USN-1010-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-927-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.ubuntu.com/usn/USN-927-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-927-4", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.ubuntu.com/usn/USN-927-4" }, { "reference_url": "http://www.ubuntu.com/usn/USN-927-5", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.ubuntu.com/usn/USN-927-5" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" }, { "reference_url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0032", "reference_id": "0032", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2011/0032" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0033", "reference_id": "0033", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2011/0033" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0086", "reference_id": "0086", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/0086" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0086", "reference_id": "0086", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2011/0086" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0173", "reference_id": "0173", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/0173" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0748", "reference_id": "0748", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/0748" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0848", "reference_id": "0848", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/0848" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0916", "reference_id": "0916", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/0916" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0933", "reference_id": "0933", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/0933" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0982", "reference_id": "0982", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/0982" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0994", "reference_id": "0994", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/0994" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1054", "reference_id": "1054", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/1054" }, { "reference_url": "http://www.opera.com/docs/changelogs/unix/1060/", "reference_id": "1060", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.opera.com/docs/changelogs/unix/1060/" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1191", "reference_id": "1191", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/1191" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1350", "reference_id": "1350", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/1350" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1639", "reference_id": "1639", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/1639" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1673", "reference_id": "1673", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/1673" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1793", "reference_id": "1793", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/1793" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/2010", "reference_id": "2010", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/2010" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/2745", "reference_id": "2745", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/2745" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3069", "reference_id": "3069", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/3069" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3086", "reference_id": "3086", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/3086" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3126", "reference_id": "3126", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/3126" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3164", "reference_id": "3164", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3164" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3165", "reference_id": "3165", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3165" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3205", "reference_id": "3205", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3205" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3220", "reference_id": "3220", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3220" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3310", "reference_id": "3310", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3310" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3313", "reference_id": "3313", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3313" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3353", "reference_id": "3353", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3353" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3354", "reference_id": "3354", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3354" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3484", "reference_id": "3484", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3484" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3521", "reference_id": "3521", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3521" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3587", "reference_id": "3587", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3587" }, { "reference_url": "http://www.securityfocus.com/bid/36935", "reference_id": "36935", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securityfocus.com/bid/36935" }, { "reference_url": "http://secunia.com/advisories/37291", "reference_id": "37291", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37291" }, { "reference_url": "http://secunia.com/advisories/37292", "reference_id": "37292", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37292" }, { "reference_url": "http://secunia.com/advisories/37320", "reference_id": "37320", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37320" }, { "reference_url": "http://secunia.com/advisories/37383", "reference_id": "37383", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37383" }, { "reference_url": "http://secunia.com/advisories/37399", "reference_id": "37399", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37399" }, { "reference_url": "http://secunia.com/advisories/37453", "reference_id": "37453", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37453" }, { "reference_url": "http://secunia.com/advisories/37501", "reference_id": "37501", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37501" }, { "reference_url": "http://secunia.com/advisories/37504", "reference_id": "37504", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37504" }, { "reference_url": "http://secunia.com/advisories/37604", "reference_id": "37604", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37604" }, { "reference_url": "http://secunia.com/advisories/37640", "reference_id": "37640", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37640" }, { "reference_url": "http://secunia.com/advisories/37656", "reference_id": "37656", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37656" }, { "reference_url": "http://secunia.com/advisories/37675", "reference_id": "37675", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37675" }, { "reference_url": "http://secunia.com/advisories/37859", "reference_id": "37859", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37859" }, { "reference_url": "http://secunia.com/advisories/38003", "reference_id": "38003", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/38003" }, { "reference_url": "http://secunia.com/advisories/38020", "reference_id": "38020", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/38020" }, { "reference_url": "http://secunia.com/advisories/38056", "reference_id": "38056", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/38056" }, { "reference_url": "http://secunia.com/advisories/38241", "reference_id": "38241", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/38241" }, { "reference_url": "http://secunia.com/advisories/38484", "reference_id": "38484", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/38484" }, { "reference_url": "http://secunia.com/advisories/38687", "reference_id": "38687", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/38687" }, { "reference_url": "http://secunia.com/advisories/38781", "reference_id": "38781", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/38781" }, { "reference_url": "http://secunia.com/advisories/39127", "reference_id": "39127", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39127" }, { "reference_url": "http://secunia.com/advisories/39136", "reference_id": "39136", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39136" }, { "reference_url": "http://secunia.com/advisories/39242", "reference_id": "39242", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39242" }, { "reference_url": "http://secunia.com/advisories/39243", "reference_id": "39243", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39243" }, { "reference_url": "http://secunia.com/advisories/39278", "reference_id": "39278", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39278" }, { "reference_url": "http://secunia.com/advisories/39292", "reference_id": "39292", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39292" }, { "reference_url": "http://secunia.com/advisories/39317", "reference_id": "39317", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39317" }, { "reference_url": "http://secunia.com/advisories/39461", "reference_id": "39461", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39461" }, { "reference_url": "http://secunia.com/advisories/39500", "reference_id": "39500", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39500" }, { "reference_url": "http://secunia.com/advisories/39628", "reference_id": "39628", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39628" }, { "reference_url": "http://secunia.com/advisories/39632", "reference_id": "39632", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39632" }, { "reference_url": "http://secunia.com/advisories/39713", "reference_id": "39713", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39713" }, { "reference_url": "http://secunia.com/advisories/39819", "reference_id": "39819", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39819" }, { "reference_url": "http://secunia.com/advisories/40070", "reference_id": "40070", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/40070" }, { "reference_url": "http://secunia.com/advisories/40545", "reference_id": "40545", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/40545" }, { "reference_url": "http://secunia.com/advisories/40747", "reference_id": "40747", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/40747" }, { "reference_url": "http://secunia.com/advisories/40866", "reference_id": "40866", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/40866" }, { "reference_url": "http://secunia.com/advisories/41480", "reference_id": "41480", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/41480" }, { "reference_url": "http://secunia.com/advisories/41490", "reference_id": "41490", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/41490" }, { "reference_url": "http://secunia.com/advisories/41818", "reference_id": "41818", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/41818" }, { "reference_url": "http://secunia.com/advisories/41967", "reference_id": "41967", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/41967" }, { "reference_url": "http://secunia.com/advisories/41972", "reference_id": "41972", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/41972" }, { "reference_url": "http://secunia.com/advisories/42377", "reference_id": "42377", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/42377" }, { "reference_url": "http://secunia.com/advisories/42379", "reference_id": "42379", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/42379" }, { "reference_url": "http://secunia.com/advisories/42467", "reference_id": "42467", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/42467" }, { "reference_url": "http://secunia.com/advisories/42724", "reference_id": "42724", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/42724" }, { "reference_url": "http://secunia.com/advisories/42733", "reference_id": "42733", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/42733" }, { "reference_url": "http://secunia.com/advisories/42808", "reference_id": "42808", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/42808" }, { "reference_url": "http://secunia.com/advisories/42811", "reference_id": "42811", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/42811" }, { "reference_url": "http://secunia.com/advisories/42816", "reference_id": "42816", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/42816" }, { "reference_url": "http://secunia.com/advisories/43308", "reference_id": "43308", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/43308" }, { "reference_url": "http://secunia.com/advisories/44954", "reference_id": "44954", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/44954" }, { "reference_url": "http://secunia.com/advisories/48577", "reference_id": "48577", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/48577" }, { "reference_url": "http://www.securityfocus.com/archive/1/522176", "reference_id": "522176", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securityfocus.com/archive/1/522176" }, { "reference_url": "http://osvdb.org/60521", "reference_id": "60521", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://osvdb.org/60521" }, { "reference_url": "http://osvdb.org/60972", "reference_id": "60972", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://osvdb.org/60972" }, { "reference_url": "http://osvdb.org/62210", "reference_id": "62210", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://osvdb.org/62210" }, { "reference_url": "http://osvdb.org/65202", "reference_id": "65202", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://osvdb.org/65202" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765649", "reference_id": "765649", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765649" }, { "reference_url": "http://www.opera.com/support/search/view/944/", "reference_id": "944", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.opera.com/support/search/view/944/" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2009-3555", "reference_id": "CVE-2009-3555", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2009-3555" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10579.py", "reference_id": "CVE-2009-3555", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10579.py" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555", "reference_id": "CVE-2009-3555", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555" }, { "reference_url": "http://www.openoffice.org/security/cves/CVE-2009-3555.html", "reference_id": "CVE-2009-3555.HTML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.openoffice.org/security/cves/CVE-2009-3555.html" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10071.txt", "reference_id": "CVE-2009-3555;OSVDB-59970", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10071.txt" }, { "reference_url": "https://www.securityfocus.com/bid/35888/info", "reference_id": "CVE-2009-3555;OSVDB-59970", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/35888/info" }, { "reference_url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E", "reference_id": "f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://github.com/advisories/GHSA-f7w7-6pjc-wwm6", "reference_id": "GHSA-f7w7-6pjc-wwm6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f7w7-6pjc-wwm6" }, { "reference_url": "https://security.gentoo.org/glsa/200912-01", "reference_id": "GLSA-200912-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200912-01" }, { "reference_url": "https://security.gentoo.org/glsa/201006-18", "reference_id": "GLSA-201006-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201006-18" }, { "reference_url": "https://security.gentoo.org/glsa/201110-05", "reference_id": "GLSA-201110-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-05" }, { "reference_url": "https://security.gentoo.org/glsa/201203-22", "reference_id": "GLSA-201203-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-22" }, { "reference_url": "https://security.gentoo.org/glsa/201206-18", "reference_id": "GLSA-201206-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-18" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://security.gentoo.org/glsa/201309-15", "reference_id": "GLSA-201309-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-15" }, { "reference_url": "https://security.gentoo.org/glsa/201311-13", "reference_id": "GLSA-201311-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-13" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "http://securitytracker.com/id?1023148", "reference_id": "id?1023148", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://securitytracker.com/id?1023148" }, { "reference_url": "http://www.securitytracker.com/id?1023163", "reference_id": "id?1023163", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023163" }, { "reference_url": "http://www.securitytracker.com/id?1023204", "reference_id": "id?1023204", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023204" }, { "reference_url": "http://www.securitytracker.com/id?1023205", "reference_id": "id?1023205", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023205" }, { "reference_url": "http://www.securitytracker.com/id?1023206", "reference_id": "id?1023206", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023206" }, { "reference_url": "http://www.securitytracker.com/id?1023207", "reference_id": "id?1023207", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023207" }, { "reference_url": "http://www.securitytracker.com/id?1023208", "reference_id": "id?1023208", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023208" }, { "reference_url": "http://www.securitytracker.com/id?1023209", "reference_id": "id?1023209", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023209" }, { "reference_url": "http://www.securitytracker.com/id?1023210", "reference_id": "id?1023210", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023210" }, { "reference_url": "http://www.securitytracker.com/id?1023211", "reference_id": "id?1023211", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023211" }, { "reference_url": "http://www.securitytracker.com/id?1023212", "reference_id": "id?1023212", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023212" }, { "reference_url": "http://www.securitytracker.com/id?1023213", "reference_id": "id?1023213", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023213" }, { "reference_url": "http://www.securitytracker.com/id?1023214", "reference_id": "id?1023214", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023214" }, { "reference_url": "http://www.securitytracker.com/id?1023215", "reference_id": "id?1023215", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023215" }, { "reference_url": "http://www.securitytracker.com/id?1023216", "reference_id": "id?1023216", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023216" }, { "reference_url": "http://www.securitytracker.com/id?1023217", "reference_id": "id?1023217", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023217" }, { "reference_url": "http://www.securitytracker.com/id?1023218", "reference_id": "id?1023218", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023218" }, { "reference_url": "http://www.securitytracker.com/id?1023219", "reference_id": "id?1023219", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023219" }, { "reference_url": "http://www.securitytracker.com/id?1023224", "reference_id": "id?1023224", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023224" }, { "reference_url": "http://www.securitytracker.com/id?1023243", "reference_id": "id?1023243", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023243" }, { "reference_url": "http://www.securitytracker.com/id?1023270", "reference_id": "id?1023270", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023270" }, { "reference_url": "http://www.securitytracker.com/id?1023271", "reference_id": "id?1023271", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023271" }, { "reference_url": "http://www.securitytracker.com/id?1023272", "reference_id": "id?1023272", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023272" }, { "reference_url": "http://www.securitytracker.com/id?1023273", "reference_id": "id?1023273", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023273" }, { "reference_url": "http://www.securitytracker.com/id?1023274", "reference_id": "id?1023274", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023274" }, { "reference_url": "http://www.securitytracker.com/id?1023275", "reference_id": "id?1023275", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023275" }, { "reference_url": "http://www.securitytracker.com/id?1023411", "reference_id": "id?1023411", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023411" }, { "reference_url": "http://www.securitytracker.com/id?1023426", "reference_id": "id?1023426", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023426" }, { "reference_url": "http://www.securitytracker.com/id?1023427", "reference_id": "id?1023427", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023427" }, { "reference_url": "http://www.securitytracker.com/id?1023428", "reference_id": "id?1023428", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023428" }, { "reference_url": "http://www.securitytracker.com/id?1024789", "reference_id": "id?1024789", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1024789" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-22", "reference_id": "mfsa2010-22", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-22" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A10088", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A11578", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A11617", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A7315", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A7478", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A7973", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A8366", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A8535", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535" }, { "reference_url": "http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html", "reference_id": "plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html" }, { "reference_url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E", "reference_id": "re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "http://www.securityfocus.com/archive/1/507952/100/0/threaded", "reference_id": "threaded", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securityfocus.com/archive/1/507952/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/508075/100/0/threaded", "reference_id": "threaded", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securityfocus.com/archive/1/508075/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/508130/100/0/threaded", "reference_id": "threaded", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securityfocus.com/archive/1/508130/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/515055/100/0/threaded", "reference_id": "threaded", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securityfocus.com/archive/1/515055/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded", "reference_id": "threaded", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded" }, { "reference_url": "https://usn.ubuntu.com/1010-1/", "reference_id": "USN-1010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1010-1/" }, { "reference_url": "https://usn.ubuntu.com/860-1/", "reference_id": "USN-860-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/860-1/" }, { "reference_url": "https://usn.ubuntu.com/923-1/", "reference_id": "USN-923-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/923-1/" }, { "reference_url": "https://usn.ubuntu.com/927-1/", "reference_id": "USN-927-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/927-1/" }, { "reference_url": "https://usn.ubuntu.com/927-4/", "reference_id": "USN-927-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/927-4/" }, { "reference_url": "https://usn.ubuntu.com/927-6/", "reference_id": "USN-927-6", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/927-6/" }, { "reference_url": "https://usn.ubuntu.com/990-1/", "reference_id": "USN-990-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/990-1/" }, { "reference_url": "https://usn.ubuntu.com/990-2/", "reference_id": "USN-990-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/990-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201250?format=api", "purl": "pkg:deb/debian/openssl@0.9.8k-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8k-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-3555", "GHSA-f7w7-6pjc-wwm6", "VU#120541" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bkcg-64ws-afcf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64245?format=api", "vulnerability_id": "VCID-bp6j-8p86-cqdv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0433", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17272", "scoring_system": "epss", "scoring_elements": "0.95149", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0433" }, { "reference_url": "https://security.gentoo.org/glsa/201110-01", "reference_id": "GLSA-201110-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-0433" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bp6j-8p86-cqdv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/106088?format=api", "vulnerability_id": "VCID-bqbu-5hcj-yyge", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6307", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13256", "scoring_system": "epss", "scoring_elements": "0.94272", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6307" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-6307" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bqbu-5hcj-yyge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97204?format=api", "vulnerability_id": "VCID-bt13-kf7f-mybm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5738", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00806", "scoring_system": "epss", "scoring_elements": "0.74464", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5738" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-5738" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bt13-kf7f-mybm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/283237?format=api", "vulnerability_id": "VCID-bvz5-dj4f-gbbz", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15468.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15468.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15468", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14604", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15468" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/openssl/openssl/commit/1f08e54bad32843044fe8a675948d65e3b4ece65", "reference_id": "1f08e54bad32843044fe8a675948d65e3b4ece65", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:52:10Z/" } ], "url": "https://github.com/openssl/openssl/commit/1f08e54bad32843044fe8a675948d65e3b4ece65" }, { "reference_url": "https://openssl-library.org/news/secadv/20260127.txt", "reference_id": "20260127.txt", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:52:10Z/" } ], "url": "https://openssl-library.org/news/secadv/20260127.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "reference_id": "2430377", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430377" }, { "reference_url": "https://github.com/openssl/openssl/commit/7c88376731c589ee5b36116c5a6e32d5ae5f7ae2", "reference_id": "7c88376731c589ee5b36116c5a6e32d5ae5f7ae2", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:52:10Z/" } ], "url": "https://github.com/openssl/openssl/commit/7c88376731c589ee5b36116c5a6e32d5ae5f7ae2" }, { "reference_url": "https://github.com/openssl/openssl/commit/b2539639400288a4580fe2d76247541b976bade4", "reference_id": "b2539639400288a4580fe2d76247541b976bade4", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:52:10Z/" } ], "url": "https://github.com/openssl/openssl/commit/b2539639400288a4580fe2d76247541b976bade4" }, { "reference_url": "https://github.com/openssl/openssl/commit/d75b309879631d45b972396ce4e5102559c64ac7", "reference_id": "d75b309879631d45b972396ce4e5102559c64ac7", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:52:10Z/" } ], "url": "https://github.com/openssl/openssl/commit/d75b309879631d45b972396ce4e5102559c64ac7" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1472", "reference_id": "RHSA-2026:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1473", "reference_id": "RHSA-2026:1473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1736", "reference_id": "RHSA-2026:1736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2485", "reference_id": "RHSA-2026:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2563", "reference_id": "RHSA-2026:2563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3228", "reference_id": "RHSA-2026:3228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/7980-1/", "reference_id": "USN-7980-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7980-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201340?format=api", "purl": "pkg:deb/debian/openssl@3.5.4-1~deb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1~deb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201339?format=api", "purl": "pkg:deb/debian/openssl@3.5.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-15468" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bvz5-dj4f-gbbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59617?format=api", "vulnerability_id": "VCID-bzjd-tqm2-63hc", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0653", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49523", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0653" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=517791", "reference_id": "517791", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=517791" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201232?format=api", "purl": "pkg:deb/debian/openssl@0.9.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-0653" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bzjd-tqm2-63hc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59554?format=api", "vulnerability_id": "VCID-c222-chzg-2fdv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0590", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10016", "scoring_system": "epss", "scoring_elements": "0.93185", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0590" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522002", "reference_id": "522002", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522002" }, { "reference_url": "https://security.gentoo.org/glsa/200904-08", "reference_id": "GLSA-200904-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200904-08" }, { "reference_url": "https://usn.ubuntu.com/750-1/", "reference_id": "USN-750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201245?format=api", "purl": "pkg:deb/debian/openssl@0.9.8g-16?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8g-16%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-0590" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c222-chzg-2fdv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52916?format=api", "vulnerability_id": "VCID-c4d3-qwme-5khh", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-0891", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11276", "scoring_system": "epss", "scoring_elements": "0.93646", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-0891" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483379", "reference_id": "483379", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483379" }, { "reference_url": "https://security.gentoo.org/glsa/200806-08", "reference_id": "GLSA-200806-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200806-08" }, { "reference_url": "https://usn.ubuntu.com/620-1/", "reference_id": "USN-620-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/620-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201242?format=api", "purl": "pkg:deb/debian/openssl@0.9.8g-10.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8g-10.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2008-0891" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c4d3-qwme-5khh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56852?format=api", "vulnerability_id": "VCID-c5p3-qdqy-vuay", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-5077", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46966", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-5077" }, { "reference_url": "https://security.gentoo.org/glsa/200902-02", "reference_id": "GLSA-200902-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200902-02" }, { "reference_url": "https://security.gentoo.org/glsa/200904-05", "reference_id": "GLSA-200904-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200904-05" }, { "reference_url": "https://usn.ubuntu.com/704-1/", "reference_id": "USN-704-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/704-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201243?format=api", "purl": "pkg:deb/debian/openssl@0.9.8g-15?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8g-15%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2008-5077" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c5p3-qdqy-vuay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87377?format=api", "vulnerability_id": "VCID-c5pq-7749-m3g2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3569", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07556", "scoring_system": "epss", "scoring_elements": "0.91954", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:M/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201274?format=api", "purl": "pkg:deb/debian/openssl@1.0.1k-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1k-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3569" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c5pq-7749-m3g2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91139?format=api", "vulnerability_id": "VCID-carn-3x68-1fhu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8275", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08728", "scoring_system": "epss", "scoring_elements": "0.92625", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8275" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206" }, { "reference_url": "https://usn.ubuntu.com/2459-1/", "reference_id": "USN-2459-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2459-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201274?format=api", "purl": "pkg:deb/debian/openssl@1.0.1k-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1k-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-8275" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-carn-3x68-1fhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/290284?format=api", "vulnerability_id": "VCID-cccj-zqe2-1bbw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27587", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00224", "scoring_system": "epss", "scoring_elements": "0.45134", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27587" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/openssl/openssl/issues/24253", "reference_id": "24253", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-26T16:16:27Z/" } ], "url": "https://github.com/openssl/openssl/issues/24253" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201342?format=api", "purl": "pkg:deb/debian/openssl@3.5.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-27587" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cccj-zqe2-1bbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64535?format=api", "vulnerability_id": "VCID-cgzk-h2zn-ffa8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0740", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15469", "scoring_system": "epss", "scoring_elements": "0.94774", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0740" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575607", "reference_id": "575607", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575607" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/12334.c", "reference_id": "CVE-2010-0740", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/12334.c" }, { "reference_url": "https://security.gentoo.org/glsa/201110-01", "reference_id": "GLSA-201110-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201252?format=api", "purl": "pkg:deb/debian/openssl@0.9.8n-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8n-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-0740" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cgzk-h2zn-ffa8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92632?format=api", "vulnerability_id": "VCID-cj7u-grnx-ebg9", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0208", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.28158", "scoring_system": "epss", "scoring_elements": "0.96574", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0208" }, { "reference_url": "https://security.gentoo.org/glsa/201503-11", "reference_id": "GLSA-201503-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-11" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-0208" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cj7u-grnx-ebg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4887?format=api", "vulnerability_id": "VCID-ckz3-pxsw-sba9", "summary": "denial of service", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7053", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01059", "scoring_system": "epss", "scoring_elements": "0.77931", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7053" }, { "reference_url": "https://security.archlinux.org/AVG-143", "reference_id": "AVG-143", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-143" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201286?format=api", "purl": "pkg:deb/debian/openssl@1.1.0c-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0c-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-7053" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ckz3-pxsw-sba9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84469?format=api", "vulnerability_id": "VCID-cp9a-xvh6-5yhz", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0076", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58429", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0076" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742923", "reference_id": "742923", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742923" }, { "reference_url": "https://security.gentoo.org/glsa/201404-07", "reference_id": "GLSA-201404-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201404-07" }, { "reference_url": "https://usn.ubuntu.com/2165-1/", "reference_id": "USN-2165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2165-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201269?format=api", "purl": "pkg:deb/debian/openssl@1.0.1g-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1g-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-0076" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cp9a-xvh6-5yhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94164?format=api", "vulnerability_id": "VCID-cuk9-5rqx-9ubp", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1788", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15914", "scoring_system": "epss", "scoring_elements": "0.94868", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000" }, { "reference_url": "https://security.gentoo.org/glsa/201506-02", "reference_id": "GLSA-201506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201506-02" }, { "reference_url": "https://usn.ubuntu.com/2639-1/", "reference_id": "USN-2639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2639-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201277?format=api", "purl": "pkg:deb/debian/openssl@1.0.2b-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2b-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-1788" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cuk9-5rqx-9ubp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94165?format=api", "vulnerability_id": "VCID-cypk-sb6p-mkbm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1789", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04532", "scoring_system": "epss", "scoring_elements": "0.89342", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1789" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000" }, { "reference_url": "https://security.gentoo.org/glsa/201506-02", "reference_id": "GLSA-201506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201506-02" }, { "reference_url": "https://usn.ubuntu.com/2639-1/", "reference_id": "USN-2639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2639-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201277?format=api", "purl": "pkg:deb/debian/openssl@1.0.2b-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2b-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-1789" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cypk-sb6p-mkbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4999?format=api", "vulnerability_id": "VCID-czqv-mc7v-p7fs", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6303", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.28004", "scoring_system": "epss", "scoring_elements": "0.96554", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6303" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.5", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:S/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" }, { "reference_url": "https://usn.ubuntu.com/3087-1/", "reference_id": "USN-3087-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3087-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201284?format=api", "purl": "pkg:deb/debian/openssl@1.0.2i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-6303" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-czqv-mc7v-p7fs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78659?format=api", "vulnerability_id": "VCID-d18g-jefr-d3hs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0169", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00943", "scoring_system": "epss", "scoring_elements": "0.76594", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0169" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699885", "reference_id": "699885", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699885" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699888", "reference_id": "699888", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699888" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699889", "reference_id": "699889", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699889" }, { "reference_url": "https://security.gentoo.org/glsa/201310-10", "reference_id": "GLSA-201310-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-10" }, { "reference_url": "https://security.gentoo.org/glsa/201312-03", "reference_id": "GLSA-201312-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201312-03" }, { "reference_url": "https://security.gentoo.org/glsa/201401-30", "reference_id": "GLSA-201401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-30" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "https://usn.ubuntu.com/1732-1/", "reference_id": "USN-1732-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1732-1/" }, { "reference_url": "https://usn.ubuntu.com/1732-3/", "reference_id": "USN-1732-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1732-3/" }, { "reference_url": "https://usn.ubuntu.com/1735-1/", "reference_id": "USN-1735-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1735-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201266?format=api", "purl": "pkg:deb/debian/openssl@1.0.1e-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1e-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-0169" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d18g-jefr-d3hs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28266?format=api", "vulnerability_id": "VCID-d1e4-5v3t-3bd9", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-0659", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07941", "scoring_system": "epss", "scoring_elements": "0.92179", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-0659" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/23199.c", "reference_id": "CVE-2002-0659;OSVDB-3943", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/23199.c" }, { "reference_url": "https://www.securityfocus.com/bid/8732/info", "reference_id": "CVE-2002-0659;OSVDB-3943", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/8732/info" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201224?format=api", "purl": "pkg:deb/debian/openssl@0.9.6e-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.6e-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2002-0659" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d1e4-5v3t-3bd9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67795?format=api", "vulnerability_id": "VCID-daj9-ygyv-wygy", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4252", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.83119", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4252" }, { "reference_url": "https://security.gentoo.org/glsa/201110-01", "reference_id": "GLSA-201110-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-4252" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-daj9-ygyv-wygy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4997?format=api", "vulnerability_id": "VCID-dc94-wvgb-xucn", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6306", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0887", "scoring_system": "epss", "scoring_elements": "0.92683", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6306" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" }, { "reference_url": "https://security.gentoo.org/glsa/201612-16", "reference_id": "GLSA-201612-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-16" }, { "reference_url": "https://usn.ubuntu.com/3087-1/", "reference_id": "USN-3087-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3087-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201284?format=api", "purl": "pkg:deb/debian/openssl@1.0.2i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-6306" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dc94-wvgb-xucn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/274140?format=api", "vulnerability_id": "VCID-dgb5-cx9s-5uet", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6119.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6119.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6119", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14584", "scoring_system": "epss", "scoring_elements": "0.9458", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6119" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/openssl/openssl/commit/05f360d9e849a1b277db628f1f13083a7f8dd04f", "reference_id": "05f360d9e849a1b277db628f1f13083a7f8dd04f", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T20:20:39Z/" } ], "url": "https://github.com/openssl/openssl/commit/05f360d9e849a1b277db628f1f13083a7f8dd04f" }, { "reference_url": "https://github.com/openssl/openssl/commit/06d1dc3fa96a2ba5a3e22735a033012aadc9f0d6", "reference_id": "06d1dc3fa96a2ba5a3e22735a033012aadc9f0d6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T20:20:39Z/" } ], "url": "https://github.com/openssl/openssl/commit/06d1dc3fa96a2ba5a3e22735a033012aadc9f0d6" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2306158", "reference_id": "2306158", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2306158" }, { "reference_url": "https://github.com/openssl/openssl/commit/621f3729831b05ee828a3203eddb621d014ff2b2", "reference_id": "621f3729831b05ee828a3203eddb621d014ff2b2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T20:20:39Z/" } ], "url": "https://github.com/openssl/openssl/commit/621f3729831b05ee828a3203eddb621d014ff2b2" }, { "reference_url": "https://github.com/openssl/openssl/commit/7dfcee2cd2a63b2c64b9b4b0850be64cb695b0a0", "reference_id": "7dfcee2cd2a63b2c64b9b4b0850be64cb695b0a0", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T20:20:39Z/" } ], "url": "https://github.com/openssl/openssl/commit/7dfcee2cd2a63b2c64b9b4b0850be64cb695b0a0" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10135", "reference_id": "RHSA-2024:10135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10818", "reference_id": "RHSA-2024:10818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11109", "reference_id": "RHSA-2024:11109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6783", "reference_id": "RHSA-2024:6783", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6783" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7213", "reference_id": "RHSA-2024:7213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7599", "reference_id": "RHSA-2024:7599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8935", "reference_id": "RHSA-2024:8935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8935" }, { "reference_url": "https://usn.ubuntu.com/6986-1/", "reference_id": "USN-6986-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6986-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201337?format=api", "purl": "pkg:deb/debian/openssl@3.0.14-1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201336?format=api", "purl": "pkg:deb/debian/openssl@3.3.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.3.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-6119" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dgb5-cx9s-5uet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53655?format=api", "vulnerability_id": "VCID-dm5m-745b-rubb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1672", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18966", "scoring_system": "epss", "scoring_elements": "0.95431", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1672" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483379", "reference_id": "483379", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483379" }, { "reference_url": "https://security.gentoo.org/glsa/200806-08", "reference_id": "GLSA-200806-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200806-08" }, { "reference_url": "https://usn.ubuntu.com/620-1/", "reference_id": "USN-620-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/620-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201242?format=api", "purl": "pkg:deb/debian/openssl@0.9.8g-10.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8g-10.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2008-1672" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dm5m-745b-rubb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84566?format=api", "vulnerability_id": "VCID-dt56-5bhk-3ucu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0224", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.89694", "scoring_system": "epss", "scoring_elements": "0.99582", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0224" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750665", "reference_id": "750665", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750665" }, { "reference_url": "https://security.gentoo.org/glsa/201407-05", "reference_id": "GLSA-201407-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201407-05" }, { "reference_url": "https://usn.ubuntu.com/2232-1/", "reference_id": "USN-2232-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2232-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201270?format=api", "purl": "pkg:deb/debian/openssl@1.0.1h-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1h-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-0224" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dt56-5bhk-3ucu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42322?format=api", "vulnerability_id": "VCID-du56-r8x9-d3bc", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3738", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.53744", "scoring_system": "epss", "scoring_elements": "0.9804", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3738" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=389940", "reference_id": "389940", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=389940" }, { "reference_url": "https://security.gentoo.org/glsa/200610-11", "reference_id": "GLSA-200610-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200610-11" }, { "reference_url": "https://security.gentoo.org/glsa/200612-11", "reference_id": "GLSA-200612-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200612-11" }, { "reference_url": "https://security.gentoo.org/glsa/200710-06", "reference_id": "GLSA-200710-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200710-06" }, { "reference_url": "https://usn.ubuntu.com/353-1/", "reference_id": "USN-353-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/353-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201234?format=api", "purl": "pkg:deb/debian/openssl@0.9.8c-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8c-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-3738" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-du56-r8x9-d3bc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/252475?format=api", "vulnerability_id": "VCID-dv93-w96g-qfg7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2511.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2511.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2511", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09052", "scoring_system": "epss", "scoring_elements": "0.92775", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2511" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068658", "reference_id": "1068658", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068658" }, { "reference_url": "https://www.openssl.org/news/secadv/20240408.txt", "reference_id": "20240408.txt", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-09T15:14:41Z/" } ], "url": "https://www.openssl.org/news/secadv/20240408.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274020", "reference_id": "2274020", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274020" }, { "reference_url": "https://github.openssl.org/openssl/extended-releases/commit/5f8d25770ae6437db119dfc951e207271a326640", "reference_id": "5f8d25770ae6437db119dfc951e207271a326640", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-09T15:14:41Z/" } ], "url": "https://github.openssl.org/openssl/extended-releases/commit/5f8d25770ae6437db119dfc951e207271a326640" }, { "reference_url": "https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce", "reference_id": "7e4d731b1c07201ad9374c1cd9ac5263bdf35bce", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-09T15:14:41Z/" } ], "url": "https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce" }, { "reference_url": "https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d", "reference_id": "b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-09T15:14:41Z/" } ], "url": "https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d" }, { "reference_url": "https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08", "reference_id": "e9d7083e241670332e0443da0f0d4ffb52829f08", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-09T15:14:41Z/" } ], "url": "https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9333", "reference_id": "RHSA-2024:9333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9333" }, { "reference_url": "https://usn.ubuntu.com/6937-1/", "reference_id": "USN-6937-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6937-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201327?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201333?format=api", "purl": "pkg:deb/debian/openssl@3.0.14-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201334?format=api", "purl": "pkg:deb/debian/openssl@3.2.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.2.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-2511" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dv93-w96g-qfg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/267963?format=api", "vulnerability_id": "VCID-e2d4-8ewd-h3aq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4741.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4741.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4741", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58376", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4741" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072113", "reference_id": "1072113", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072113" }, { "reference_url": "https://www.openssl.org/news/secadv/20240528.txt", "reference_id": "20240528.txt", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:45:07Z/" } ], "url": "https://www.openssl.org/news/secadv/20240528.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283757", "reference_id": "2283757", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283757" }, { "reference_url": "https://github.com/openssl/openssl/commit/704f725b96aa373ee45ecfb23f6abfe8be8d9177", "reference_id": "704f725b96aa373ee45ecfb23f6abfe8be8d9177", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:45:07Z/" } ], "url": "https://github.com/openssl/openssl/commit/704f725b96aa373ee45ecfb23f6abfe8be8d9177" }, { "reference_url": "https://github.com/openssl/openssl/commit/b3f0eb0a295f58f16ba43ba99dad70d4ee5c437d", "reference_id": "b3f0eb0a295f58f16ba43ba99dad70d4ee5c437d", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:45:07Z/" } ], "url": "https://github.com/openssl/openssl/commit/b3f0eb0a295f58f16ba43ba99dad70d4ee5c437d" }, { "reference_url": "https://github.com/openssl/openssl/commit/c88c3de51020c37e8706bf7a682a162593053aac", "reference_id": "c88c3de51020c37e8706bf7a682a162593053aac", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:45:07Z/" } ], "url": "https://github.com/openssl/openssl/commit/c88c3de51020c37e8706bf7a682a162593053aac" }, { "reference_url": "https://github.com/openssl/openssl/commit/e5093133c35ca82874ad83697af76f4b0f7e3bd8", "reference_id": "e5093133c35ca82874ad83697af76f4b0f7e3bd8", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:45:07Z/" } ], "url": "https://github.com/openssl/openssl/commit/e5093133c35ca82874ad83697af76f4b0f7e3bd8" }, { "reference_url": "https://github.openssl.org/openssl/extended-releases/commit/f7a045f3143fc6da2ee66bf52d8df04829590dd4", "reference_id": "f7a045f3143fc6da2ee66bf52d8df04829590dd4", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:45:07Z/" } ], "url": "https://github.openssl.org/openssl/extended-releases/commit/f7a045f3143fc6da2ee66bf52d8df04829590dd4" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9333", "reference_id": "RHSA-2024:9333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9333" }, { "reference_url": "https://usn.ubuntu.com/6937-1/", "reference_id": "USN-6937-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6937-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201327?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201333?format=api", "purl": "pkg:deb/debian/openssl@3.0.14-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201334?format=api", "purl": "pkg:deb/debian/openssl@3.2.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.2.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-4741" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e2d4-8ewd-h3aq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78656?format=api", "vulnerability_id": "VCID-e5f8-kjv2-jbag", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0166", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09511", "scoring_system": "epss", "scoring_elements": "0.92972", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0166" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699889", "reference_id": "699889", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699889" }, { "reference_url": "https://security.gentoo.org/glsa/201312-03", "reference_id": "GLSA-201312-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201312-03" }, { "reference_url": "https://usn.ubuntu.com/1732-1/", "reference_id": "USN-1732-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1732-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201266?format=api", "purl": "pkg:deb/debian/openssl@1.0.1e-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1e-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-0166" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e5f8-kjv2-jbag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92677?format=api", "vulnerability_id": "VCID-e763-cmkp-uqde", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0285", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08814", "scoring_system": "epss", "scoring_elements": "0.92658", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0285" }, { "reference_url": "https://security.gentoo.org/glsa/201503-11", "reference_id": "GLSA-201503-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-11" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-0285" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e763-cmkp-uqde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50582?format=api", "vulnerability_id": "VCID-e8pm-xndw-pqeb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5135", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.53124", "scoring_system": "epss", "scoring_elements": "0.98012", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5135" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=444435", "reference_id": "444435", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=444435" }, { "reference_url": "https://security.gentoo.org/glsa/200710-06", "reference_id": "GLSA-200710-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200710-06" }, { "reference_url": "https://security.gentoo.org/glsa/201412-11", "reference_id": "GLSA-201412-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-11" }, { "reference_url": "https://usn.ubuntu.com/522-1/", "reference_id": "USN-522-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/522-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201239?format=api", "purl": "pkg:deb/debian/openssl@0.9.8e-9?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8e-9%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-5135" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e8pm-xndw-pqeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74101?format=api", "vulnerability_id": "VCID-e9ba-ceqp-tyfj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0884", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02774", "scoring_system": "epss", "scoring_elements": "0.86303", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0884" }, { "reference_url": "https://security.gentoo.org/glsa/201312-03", "reference_id": "GLSA-201312-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201312-03" }, { "reference_url": "https://usn.ubuntu.com/1451-1/", "reference_id": "USN-1451-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1451-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201236?format=api", "purl": "pkg:deb/debian/openssl@1.0.0h-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0h-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-0884" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e9ba-ceqp-tyfj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94169?format=api", "vulnerability_id": "VCID-e9g1-phhe-hfaf", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1793", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.76449", "scoring_system": "epss", "scoring_elements": "0.98961", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1793" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/38640.rb", "reference_id": "CVE-2015-1793;OSVDB-124300", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/38640.rb" }, { "reference_url": "https://security.gentoo.org/glsa/201507-15", "reference_id": "GLSA-201507-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-15" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201278?format=api", "purl": "pkg:deb/debian/openssl@1.0.2d-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2d-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-1793" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e9g1-phhe-hfaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/315015?format=api", "vulnerability_id": "VCID-ecac-wyth-3fgd", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69421.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69421.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-69421", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.31787", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-69421" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://openssl-library.org/news/secadv/20260127.txt", "reference_id": "20260127.txt", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T15:17:58Z/" } ], "url": "https://openssl-library.org/news/secadv/20260127.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "reference_id": "2430387", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430387" }, { "reference_url": "https://github.com/openssl/openssl/commit/3524a29271f8191b8fd8a5257eb05173982a097b", "reference_id": "3524a29271f8191b8fd8a5257eb05173982a097b", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T15:17:58Z/" } ], "url": "https://github.com/openssl/openssl/commit/3524a29271f8191b8fd8a5257eb05173982a097b" }, { "reference_url": "https://github.com/openssl/openssl/commit/36ecb4960872a4ce04bf6f1e1f4e78d75ec0c0c7", "reference_id": "36ecb4960872a4ce04bf6f1e1f4e78d75ec0c0c7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T15:17:58Z/" } ], "url": "https://github.com/openssl/openssl/commit/36ecb4960872a4ce04bf6f1e1f4e78d75ec0c0c7" }, { "reference_url": "https://github.com/openssl/openssl/commit/4bbc8d41a72c842ce4077a8a3eccd1109aaf74bd", "reference_id": "4bbc8d41a72c842ce4077a8a3eccd1109aaf74bd", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T15:17:58Z/" } ], "url": "https://github.com/openssl/openssl/commit/4bbc8d41a72c842ce4077a8a3eccd1109aaf74bd" }, { "reference_url": "https://github.com/openssl/openssl/commit/643986985cd1c21221f941129d76fe0c2785aeb3", "reference_id": "643986985cd1c21221f941129d76fe0c2785aeb3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T15:17:58Z/" } ], "url": "https://github.com/openssl/openssl/commit/643986985cd1c21221f941129d76fe0c2785aeb3" }, { "reference_url": "https://github.com/openssl/openssl/commit/a2dbc539f0f9cc63832709fa5aa33ad9495eb19c", "reference_id": "a2dbc539f0f9cc63832709fa5aa33ad9495eb19c", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T15:17:58Z/" } ], "url": "https://github.com/openssl/openssl/commit/a2dbc539f0f9cc63832709fa5aa33ad9495eb19c" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1472", "reference_id": "RHSA-2026:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1473", "reference_id": "RHSA-2026:1473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1736", "reference_id": "RHSA-2026:1736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2485", "reference_id": "RHSA-2026:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2563", "reference_id": "RHSA-2026:2563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3228", "reference_id": "RHSA-2026:3228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/7980-1/", "reference_id": "USN-7980-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7980-1/" }, { "reference_url": "https://usn.ubuntu.com/7980-2/", "reference_id": "USN-7980-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7980-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201344?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201341?format=api", "purl": "pkg:deb/debian/openssl@3.0.18-1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201340?format=api", "purl": "pkg:deb/debian/openssl@3.5.4-1~deb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1~deb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201339?format=api", "purl": "pkg:deb/debian/openssl@3.5.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-69421" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ecac-wyth-3fgd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87339?format=api", "vulnerability_id": "VCID-ecaf-xuny-2ugx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3507", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.66025", "scoring_system": "epss", "scoring_elements": "0.98535", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139" }, { "reference_url": "https://security.gentoo.org/glsa/201412-39", "reference_id": "GLSA-201412-39", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-39" }, { "reference_url": "https://usn.ubuntu.com/2308-1/", "reference_id": "USN-2308-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2308-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201272?format=api", "purl": "pkg:deb/debian/openssl@1.0.1i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3507" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ecaf-xuny-2ugx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6568?format=api", "vulnerability_id": "VCID-er4a-1d16-pyht", "summary": "private key recovery", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0734", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05057", "scoring_system": "epss", "scoring_elements": "0.89927", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0734" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201812-5", "reference_id": "ASA-201812-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201812-5" }, { "reference_url": "https://security.archlinux.org/ASA-201812-6", "reference_id": "ASA-201812-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201812-6" }, { "reference_url": "https://security.archlinux.org/AVG-792", "reference_id": "AVG-792", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-792" }, { "reference_url": "https://security.archlinux.org/AVG-793", "reference_id": "AVG-793", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-793" }, { "reference_url": "https://usn.ubuntu.com/3840-1/", "reference_id": "USN-3840-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3840-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201293?format=api", "purl": "pkg:deb/debian/openssl@1.1.1a-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1a-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-0734" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-er4a-1d16-pyht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73331?format=api", "vulnerability_id": "VCID-ertq-mxxz-zue8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0027", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.72253", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0027" }, { "reference_url": "https://security.gentoo.org/glsa/201203-12", "reference_id": "GLSA-201203-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-12" }, { "reference_url": "https://usn.ubuntu.com/1357-1/", "reference_id": "USN-1357-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1357-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201259?format=api", "purl": "pkg:deb/debian/openssl@1.0.0f-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0f-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-0027" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ertq-mxxz-zue8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6574?format=api", "vulnerability_id": "VCID-etfk-hryr-1fd4", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0732", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.78382", "scoring_system": "epss", "scoring_elements": "0.99052", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0732" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/AVG-674", "reference_id": "AVG-674", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-674" }, { "reference_url": "https://security.archlinux.org/AVG-675", "reference_id": "AVG-675", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-675" }, { "reference_url": "https://security.gentoo.org/glsa/201811-03", "reference_id": "GLSA-201811-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-03" }, { "reference_url": "https://usn.ubuntu.com/3692-1/", "reference_id": "USN-3692-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3692-1/" }, { "reference_url": "https://usn.ubuntu.com/3692-2/", "reference_id": "USN-3692-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3692-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201292?format=api", "purl": "pkg:deb/debian/openssl@1.1.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-0732" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-etfk-hryr-1fd4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70535?format=api", "vulnerability_id": "VCID-eum8-qe3r-5ka7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1945", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04848", "scoring_system": "epss", "scoring_elements": "0.89703", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1945" }, { "reference_url": "https://security.gentoo.org/glsa/201312-03", "reference_id": "GLSA-201312-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201312-03" }, { "reference_url": "https://usn.ubuntu.com/1357-1/", "reference_id": "USN-1357-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1357-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201253?format=api", "purl": "pkg:deb/debian/openssl@1.0.0e-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0e-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-1945" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eum8-qe3r-5ka7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59555?format=api", "vulnerability_id": "VCID-eyxy-pmzc-93fk", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0591", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02422", "scoring_system": "epss", "scoring_elements": "0.85386", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0591" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-0591" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eyxy-pmzc-93fk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143294?format=api", "vulnerability_id": "VCID-f3y3-q5qf-7kb4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1547", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49523", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1547" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://seclists.org/bugtraq/2019/Oct/0", "reference_id": "0", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://seclists.org/bugtraq/2019/Oct/0" }, { "reference_url": "https://seclists.org/bugtraq/2019/Oct/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://seclists.org/bugtraq/2019/Oct/1" }, { "reference_url": "https://arxiv.org/abs/1909.01785", "reference_id": "1909.01785", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://arxiv.org/abs/1909.01785" }, { "reference_url": "https://www.openssl.org/news/secadv/20190910.txt", "reference_id": "20190910.txt", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://www.openssl.org/news/secadv/20190910.txt" }, { "reference_url": "https://seclists.org/bugtraq/2019/Sep/25", "reference_id": "25", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://seclists.org/bugtraq/2019/Sep/25" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4539", "reference_id": "dsa-4539", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4539" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4540", "reference_id": "dsa-4540", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4540" }, { "reference_url": "https://security.gentoo.org/glsa/201911-04", "reference_id": "GLSA-201911-04", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://security.gentoo.org/glsa/201911-04" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/", "reference_id": "GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", "reference_id": "index?page=content&id=SB10365", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365" }, { "reference_url": "https://support.f5.com/csp/article/K73422160?utm_source=f5support&%3Butm_medium=RSS", "reference_id": "K73422160?utm_source=f5support&%3Butm_medium=RSS", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://support.f5.com/csp/article/K73422160?utm_source=f5support&%3Butm_medium=RSS" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00012.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00016.html", "reference_id": "msg00016.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00016.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html", "reference_id": "msg00026.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html", "reference_id": "msg00054.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00072.html", "reference_id": "msg00072.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00072.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190919-0002/", "reference_id": "ntap-20190919-0002", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190919-0002/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200122-0002/", "reference_id": "ntap-20200122-0002", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20200122-0002/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200416-0003/", "reference_id": "ntap-20200416-0003", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20200416-0003/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=21c856b75d81eff61aa63b4f036bb64a85bf6d46", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=21c856b75d81eff61aa63b4f036bb64a85bf6d46", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=21c856b75d81eff61aa63b4f036bb64a85bf6d46" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=30c22fa8b1d840036b8e203585738df62a03cec8", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=30c22fa8b1d840036b8e203585738df62a03cec8", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=30c22fa8b1d840036b8e203585738df62a03cec8" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7c1709c2da5414f5b6133d00a03fc8c5bf996c7a", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=7c1709c2da5414f5b6133d00a03fc8c5bf996c7a", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7c1709c2da5414f5b6133d00a03fc8c5bf996c7a" }, { "reference_url": "http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html", "reference_id": "Slackware-Security-Advisory-openssl-Updates.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html" }, { "reference_url": "https://usn.ubuntu.com/4376-1/", "reference_id": "USN-4376-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://usn.ubuntu.com/4376-1/" }, { "reference_url": "https://usn.ubuntu.com/4376-2/", "reference_id": "USN-4376-2", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://usn.ubuntu.com/4376-2/" }, { "reference_url": "https://usn.ubuntu.com/4504-1/", "reference_id": "USN-4504-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://usn.ubuntu.com/4504-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/", "reference_id": "ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201297?format=api", "purl": "pkg:deb/debian/openssl@1.1.1d-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1d-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-1547" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f3y3-q5qf-7kb4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72556?format=api", "vulnerability_id": "VCID-f6fh-g4h5-qyha", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4354", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42945", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4354" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650621", "reference_id": "650621", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650621" }, { "reference_url": "https://usn.ubuntu.com/1357-1/", "reference_id": "USN-1357-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1357-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201261?format=api", "purl": "pkg:deb/debian/openssl@0.9.8o-4squeeze3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8o-4squeeze3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-4354" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f6fh-g4h5-qyha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3412?format=api", "vulnerability_id": "VCID-f7y9-1ct6-4kgk", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3712", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0046", "scoring_system": "epss", "scoring_elements": "0.64409", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3712" }, { "reference_url": "https://cert-portal.siemens.com/productcert/html/ssa-019200.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-019200.html" }, { "reference_url": "https://cert-portal.siemens.com/productcert/html/ssa-028723.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-028723.html" }, { "reference_url": "https://cert-portal.siemens.com/productcert/html/ssa-244969.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-244969.html" }, { "reference_url": "https://cert-portal.siemens.com/productcert/html/ssa-389290.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-389290.html" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=94d23fcff9b2a7a8368dfe52214d5c2569882c11", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=94d23fcff9b2a7a8368dfe52214d5c2569882c11" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ccb0a11145ee72b042d10593a64eaf9e8a55ec12" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366" }, { "reference_url": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2021-0098.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2021-0098.html" }, { "reference_url": "https://security.gentoo.org/glsa/202209-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://security.gentoo.org/glsa/202209-02" }, { "reference_url": "https://security.gentoo.org/glsa/202210-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://security.gentoo.org/glsa/202210-02" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210827-0010", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210827-0010" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210827-0010/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210827-0010/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4963", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4963" }, { "reference_url": "https://www.openssl.org/news/secadv/20210824.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://www.openssl.org/news/secadv/20210824.txt" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2021/08/26/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.openwall.com/lists/oss-security/2021/08/26/2" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://www.tenable.com/security/tns-2021-16", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://www.tenable.com/security/tns-2021-16" }, { "reference_url": "https://www.tenable.com/security/tns-2022-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://www.tenable.com/security/tns-2022-02" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/08/26/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2021/08/26/2" }, { "reference_url": "https://security.archlinux.org/AVG-2315", "reference_id": "AVG-2315", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2315" }, { "reference_url": "https://security.archlinux.org/AVG-2316", "reference_id": "AVG-2316", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2316" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", "reference_id": "CVE-2021-3712", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712" }, { "reference_url": "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj", "reference_id": "GHSA-q9wj-f4qw-6vfj", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q9wj-f4qw-6vfj" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:11:09Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://usn.ubuntu.com/5051-1/", "reference_id": "USN-5051-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5051-1/" }, { "reference_url": "https://usn.ubuntu.com/5051-2/", "reference_id": "USN-5051-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5051-2/" }, { "reference_url": "https://usn.ubuntu.com/5051-3/", "reference_id": "USN-5051-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5051-3/" }, { "reference_url": "https://usn.ubuntu.com/5088-1/", "reference_id": "USN-5088-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5088-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201305?format=api", "purl": "pkg:deb/debian/openssl@1.1.1k-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1k-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201304?format=api", "purl": "pkg:deb/debian/openssl@1.1.1l-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1l-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-3712", "GHSA-q9wj-f4qw-6vfj" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f7y9-1ct6-4kgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/325434?format=api", "vulnerability_id": "VCID-f94y-yeah-y7cu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28386.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28386.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28386", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.0756", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28386" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://openssl-library.org/news/secadv/20260407.txt", "reference_id": "20260407.txt", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:15:21Z/" } ], "url": "https://openssl-library.org/news/secadv/20260407.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451099", "reference_id": "2451099", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451099" }, { "reference_url": "https://github.com/openssl/openssl/commit/61f428a2fc6671ede184a19f71e6e495f0689621", "reference_id": "61f428a2fc6671ede184a19f71e6e495f0689621", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:15:21Z/" } ], "url": "https://github.com/openssl/openssl/commit/61f428a2fc6671ede184a19f71e6e495f0689621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-28386" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f94y-yeah-y7cu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30042?format=api", "vulnerability_id": "VCID-fa7j-zkw8-4ycs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0078", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13072", "scoring_system": "epss", "scoring_elements": "0.9422", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0078" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22264.txt", "reference_id": "CVE-2003-0078;OSVDB-3945", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22264.txt" }, { "reference_url": "https://www.securityfocus.com/bid/6884/info", "reference_id": "CVE-2003-0078;OSVDB-3945", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/6884/info" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201226?format=api", "purl": "pkg:deb/debian/openssl@0.9.7a-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.7a-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2003-0078" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fa7j-zkw8-4ycs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16823?format=api", "vulnerability_id": "VCID-fep2-jgws-6qf6", "summary": "Access of Resource Using Incompatible Type ('Type Confusion')\nThere is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0286.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0286.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0286", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.88334", "scoring_system": "epss", "scoring_elements": "0.99513", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0286" }, { "reference_url": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/" } ], "url": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt" }, { "reference_url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/" } ], "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/pyca/cryptography", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pyca/cryptography" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html" }, { "reference_url": "https://security.gentoo.org/glsa/202402-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/" } ], "url": "https://security.gentoo.org/glsa/202402-08" }, { "reference_url": "https://www.openssl.org/news/secadv/20230207.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/" } ], "url": "https://www.openssl.org/news/secadv/20230207.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440", "reference_id": "2164440", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440" }, { "reference_url": "https://access.redhat.com/security/cve/cve-2023-0286", "reference_id": "CVE-2023-0286", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/cve-2023-0286" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", "reference_id": "CVE-2023-0286", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286" }, { "reference_url": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5", "reference_id": "GHSA-x4qr-2fvf-3mr5", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-x4qr-2fvf-3mr5" }, { "reference_url": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5", "reference_id": "GHSA-x4qr-2fvf-3mr5", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0946", "reference_id": "RHSA-2023:0946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1199", "reference_id": "RHSA-2023:1199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1335", "reference_id": "RHSA-2023:1335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1405", "reference_id": "RHSA-2023:1405", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1405" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1437", "reference_id": "RHSA-2023:1437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1438", "reference_id": "RHSA-2023:1438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1439", "reference_id": "RHSA-2023:1439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1440", "reference_id": "RHSA-2023:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1441", "reference_id": "RHSA-2023:1441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2022", "reference_id": "RHSA-2023:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2165", "reference_id": "RHSA-2023:2165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2932", "reference_id": "RHSA-2023:2932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3420", "reference_id": "RHSA-2023:3420", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3421", "reference_id": "RHSA-2023:3421", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3421" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4124", "reference_id": "RHSA-2023:4124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4128", "reference_id": "RHSA-2023:4128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4252", "reference_id": "RHSA-2023:4252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4252" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5209", "reference_id": "RHSA-2023:5209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5136", "reference_id": "RHSA-2024:5136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6095", "reference_id": "RHSA-2024:6095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7733", "reference_id": "RHSA-2025:7733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7895", "reference_id": "RHSA-2025:7895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7937", "reference_id": "RHSA-2025:7937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7937" }, { "reference_url": "https://usn.ubuntu.com/5844-1/", "reference_id": "USN-5844-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5844-1/" }, { "reference_url": "https://usn.ubuntu.com/5845-1/", "reference_id": "USN-5845-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5845-1/" }, { "reference_url": "https://usn.ubuntu.com/5845-2/", "reference_id": "USN-5845-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5845-2/" }, { "reference_url": "https://usn.ubuntu.com/6564-1/", "reference_id": "USN-6564-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6564-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201314?format=api", "purl": "pkg:deb/debian/openssl@1.1.1n-0%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201318?format=api", "purl": "pkg:deb/debian/openssl@3.0.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-0286", "GHSA-x4qr-2fvf-3mr5" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fep2-jgws-6qf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/279579?format=api", "vulnerability_id": "VCID-fpxe-6bps-eke6", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11187.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11187.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11187", "reference_id": "", "reference_type": "", "scores": [ { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00773", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11187" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://openssl-library.org/news/secadv/20260127.txt", "reference_id": "20260127.txt", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-20T03:55:43Z/" } ], "url": "https://openssl-library.org/news/secadv/20260127.txt" }, { "reference_url": "https://github.com/openssl/openssl/commit/205e3a55e16e4bd08c12fdbd3416ab829c0f6206", "reference_id": "205e3a55e16e4bd08c12fdbd3416ab829c0f6206", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-20T03:55:43Z/" } ], "url": "https://github.com/openssl/openssl/commit/205e3a55e16e4bd08c12fdbd3416ab829c0f6206" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "reference_id": "2430375", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430375" }, { "reference_url": "https://github.com/openssl/openssl/commit/8caf359d6e46fb413e8f5f0df765d2e8a51df4e8", "reference_id": "8caf359d6e46fb413e8f5f0df765d2e8a51df4e8", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-20T03:55:43Z/" } ], "url": "https://github.com/openssl/openssl/commit/8caf359d6e46fb413e8f5f0df765d2e8a51df4e8" }, { "reference_url": "https://github.com/openssl/openssl/commit/e1079bc17ed93ff16f6b86f33a2fe3336e78817e", "reference_id": "e1079bc17ed93ff16f6b86f33a2fe3336e78817e", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-20T03:55:43Z/" } ], "url": "https://github.com/openssl/openssl/commit/e1079bc17ed93ff16f6b86f33a2fe3336e78817e" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1472", "reference_id": "RHSA-2026:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1473", "reference_id": "RHSA-2026:1473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1496", "reference_id": "RHSA-2026:1496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1736", "reference_id": "RHSA-2026:1736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2485", "reference_id": "RHSA-2026:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2563", "reference_id": "RHSA-2026:2563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3228", "reference_id": "RHSA-2026:3228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/7980-1/", "reference_id": "USN-7980-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7980-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201340?format=api", "purl": "pkg:deb/debian/openssl@3.5.4-1~deb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1~deb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201339?format=api", "purl": "pkg:deb/debian/openssl@3.5.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-11187" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fpxe-6bps-eke6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100768?format=api", "vulnerability_id": "VCID-fqgc-y4s7-1beq", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0704", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05992", "scoring_system": "epss", "scoring_elements": "0.90826", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0704" }, { "reference_url": "https://security.gentoo.org/glsa/201603-15", "reference_id": "GLSA-201603-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-15" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201276?format=api", "purl": "pkg:deb/debian/openssl@1.0.0c-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0c-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-0704" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fqgc-y4s7-1beq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36883?format=api", "vulnerability_id": "VCID-fqy4-fhmx-kkap", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-2946", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40651", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-2946" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314465", "reference_id": "314465", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314465" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201232?format=api", "purl": "pkg:deb/debian/openssl@0.9.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-2946" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fqy4-fhmx-kkap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92678?format=api", "vulnerability_id": "VCID-fvv8-w2h8-zbfr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0286", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21097", "scoring_system": "epss", "scoring_elements": "0.95754", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0292", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0292" }, { "reference_url": "https://usn.ubuntu.com/2537-1/", "reference_id": "USN-2537-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2537-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201275?format=api", "purl": "pkg:deb/debian/openssl@1.0.1k-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1k-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-0286" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fvv8-w2h8-zbfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2839?format=api", "vulnerability_id": "VCID-fx4b-vnrm-ufea", "summary": "arbitrary code execution", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6309", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.28212", "scoring_system": "epss", "scoring_elements": "0.96577", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6309" }, { "reference_url": "https://security.archlinux.org/AVG-31", "reference_id": "AVG-31", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-31" }, { "reference_url": "https://security.archlinux.org/AVG-32", "reference_id": "AVG-32", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-32" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-6309" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fx4b-vnrm-ufea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100767?format=api", "vulnerability_id": "VCID-g1zp-bmxz-rbfm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0703", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0486", "scoring_system": "epss", "scoring_elements": "0.8971", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0703" }, { "reference_url": "https://security.gentoo.org/glsa/201603-15", "reference_id": "GLSA-201603-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-15" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201276?format=api", "purl": "pkg:deb/debian/openssl@1.0.0c-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0c-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-0703" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g1zp-bmxz-rbfm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87337?format=api", "vulnerability_id": "VCID-g26w-21s4-w3ea", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3505", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.40781", "scoring_system": "epss", "scoring_elements": "0.97439", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3505" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139" }, { "reference_url": "https://security.gentoo.org/glsa/201412-39", "reference_id": "GLSA-201412-39", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-39" }, { "reference_url": "https://usn.ubuntu.com/2308-1/", "reference_id": "USN-2308-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2308-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201272?format=api", "purl": "pkg:deb/debian/openssl@1.0.1i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3505" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g26w-21s4-w3ea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143297?format=api", "vulnerability_id": "VCID-g3c8-2e95-1yg5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1552", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22065", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1552" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-1552" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g3c8-2e95-1yg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87343?format=api", "vulnerability_id": "VCID-ga6p-dfs1-gkdz", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3511", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05418", "scoring_system": "epss", "scoring_elements": "0.90288", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139" }, { "reference_url": "https://security.gentoo.org/glsa/201412-39", "reference_id": "GLSA-201412-39", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-39" }, { "reference_url": "https://usn.ubuntu.com/2308-1/", "reference_id": "USN-2308-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2308-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201272?format=api", "purl": "pkg:deb/debian/openssl@1.0.1i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3511" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ga6p-dfs1-gkdz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/106089?format=api", "vulnerability_id": "VCID-gbfg-8dgd-jbfy", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6308", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19367", "scoring_system": "epss", "scoring_elements": "0.95486", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6308" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-6308" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gbfg-8dgd-jbfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82230?format=api", "vulnerability_id": "VCID-ggst-ghty-83bh", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4353", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.22496", "scoring_system": "epss", "scoring_elements": "0.95939", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4353" }, { "reference_url": "https://security.gentoo.org/glsa/201402-25", "reference_id": "GLSA-201402-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201402-25" }, { "reference_url": "https://usn.ubuntu.com/2079-1/", "reference_id": "USN-2079-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2079-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201268?format=api", "purl": "pkg:deb/debian/openssl@1.0.1f-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1f-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-4353" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ggst-ghty-83bh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30094?format=api", "vulnerability_id": "VCID-gk9c-ka1w-pueq", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0131", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17937", "scoring_system": "epss", "scoring_elements": "0.95266", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0131" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201227?format=api", "purl": "pkg:deb/debian/openssl@0.9.7b-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.7b-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2003-0131" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gk9c-ka1w-pueq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5006?format=api", "vulnerability_id": "VCID-gpuq-x9uv-pqcz", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2178", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44833", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2178" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.2", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:H/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" }, { "reference_url": "https://security.gentoo.org/glsa/201612-16", "reference_id": "GLSA-201612-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-16" }, { "reference_url": "https://usn.ubuntu.com/3087-1/", "reference_id": "USN-3087-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3087-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201284?format=api", "purl": "pkg:deb/debian/openssl@1.0.2i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2178" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gpuq-x9uv-pqcz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5004?format=api", "vulnerability_id": "VCID-gr1e-wcz7-9qd1", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2180", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04621", "scoring_system": "epss", "scoring_elements": "0.89438", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2180" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" }, { "reference_url": "https://security.gentoo.org/glsa/201612-16", "reference_id": "GLSA-201612-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-16" }, { "reference_url": "https://usn.ubuntu.com/3087-1/", "reference_id": "USN-3087-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3087-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201284?format=api", "purl": "pkg:deb/debian/openssl@1.0.2i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2180" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gr1e-wcz7-9qd1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5823?format=api", "vulnerability_id": "VCID-gsja-3j2p-byc8", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23840", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00629", "scoring_system": "epss", "scoring_elements": "0.70597", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23840" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/alexcrichton/openssl-src-rs", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/alexcrichton/openssl-src-rs" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2" }, { "reference_url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2021-0057.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2021-0057.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210219-0009", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210219-0009" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4855", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4855" }, { "reference_url": "https://www.openssl.org/news/secadv/20210216.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://www.openssl.org/news/secadv/20210216.txt" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://www.tenable.com/security/tns-2021-03", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://www.tenable.com/security/tns-2021-03" }, { "reference_url": "https://www.tenable.com/security/tns-2021-09", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://www.tenable.com/security/tns-2021-09" }, { "reference_url": "https://www.tenable.com/security/tns-2021-10", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://www.tenable.com/security/tns-2021-10" }, { "reference_url": "https://security.archlinux.org/ASA-202102-42", "reference_id": "ASA-202102-42", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-42" }, { "reference_url": "https://security.archlinux.org/AVG-1581", "reference_id": "AVG-1581", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1581" }, { "reference_url": "https://security.archlinux.org/AVG-1605", "reference_id": "AVG-1605", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1605" }, { "reference_url": "https://security.gentoo.org/glsa/202103-03", "reference_id": "GLSA-202103-03", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://security.gentoo.org/glsa/202103-03" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210219-0009/", "reference_id": "ntap-20210219-0009", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210219-0009/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:12:28Z/" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://usn.ubuntu.com/4738-1/", "reference_id": "USN-4738-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4738-1/" }, { "reference_url": "https://usn.ubuntu.com/5088-1/", "reference_id": "USN-5088-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5088-1/" }, { "reference_url": "https://usn.ubuntu.com/7018-1/", "reference_id": "USN-7018-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7018-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201302?format=api", "purl": "pkg:deb/debian/openssl@1.1.1j-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1j-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-23840", "GHSA-qgm6-9472-pwq7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gsja-3j2p-byc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6235?format=api", "vulnerability_id": "VCID-gyd6-vygq-zuh1", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3735", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.3862", "scoring_system": "epss", "scoring_elements": "0.97321", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3735" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201711-14", "reference_id": "ASA-201711-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-14" }, { "reference_url": "https://security.archlinux.org/ASA-201711-15", "reference_id": "ASA-201711-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-15" }, { "reference_url": "https://security.archlinux.org/AVG-477", "reference_id": "AVG-477", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-477" }, { "reference_url": "https://security.archlinux.org/AVG-478", "reference_id": "AVG-478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-478" }, { "reference_url": "https://security.gentoo.org/glsa/201712-03", "reference_id": "GLSA-201712-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201712-03" }, { "reference_url": "https://usn.ubuntu.com/3475-1/", "reference_id": "USN-3475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3475-1/" }, { "reference_url": "https://usn.ubuntu.com/3611-2/", "reference_id": "USN-3611-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3611-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201290?format=api", "purl": "pkg:deb/debian/openssl@1.1.0g-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0g-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-3735" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gyd6-vygq-zuh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52061?format=api", "vulnerability_id": "VCID-gydf-1mnp-v7c3", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-6755", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56214", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-6755" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201240?format=api", "purl": "pkg:deb/debian/openssl@1.1.0b-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0b-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-6755" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gydf-1mnp-v7c3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95332?format=api", "vulnerability_id": "VCID-h39b-w3nj-9qhw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3196", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07438", "scoring_system": "epss", "scoring_elements": "0.91874", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3196" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201601-05", "reference_id": "GLSA-201601-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201601-05" }, { "reference_url": "https://usn.ubuntu.com/2830-1/", "reference_id": "USN-2830-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2830-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201278?format=api", "purl": "pkg:deb/debian/openssl@1.0.2d-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2d-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-3196" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h39b-w3nj-9qhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60301?format=api", "vulnerability_id": "VCID-h8da-uq64-v3ge", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1386", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.47628", "scoring_system": "epss", "scoring_elements": "0.97755", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1386" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=532037", "reference_id": "532037", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=532037" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8873.c", "reference_id": "OSVDB-55073;CVE-2009-1386", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8873.c" }, { "reference_url": "https://usn.ubuntu.com/792-1/", "reference_id": "USN-792-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/792-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201244?format=api", "purl": "pkg:deb/debian/openssl@0.9.8k-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8k-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-1386" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h8da-uq64-v3ge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/326491?format=api", "vulnerability_id": "VCID-hh45-myn6-83ex", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2673.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2673.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2673", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06797", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2673" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130650", "reference_id": "1130650", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130650" }, { "reference_url": "https://openssl-library.org/news/secadv/20260313.txt", "reference_id": "20260313.txt", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:17:17Z/" } ], "url": "https://openssl-library.org/news/secadv/20260313.txt" }, { "reference_url": "https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f", "reference_id": "2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:17:17Z/" } ], "url": "https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447327", "reference_id": "2447327", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447327" }, { "reference_url": "https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34", "reference_id": "85977e013f32ceb96aa034c0e741adddc1a05e34", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:17:17Z/" } ], "url": "https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/8155-1/", "reference_id": "USN-8155-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8155-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201349?format=api", "purl": "pkg:deb/debian/openssl@3.5.5-1~deb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-2673" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hh45-myn6-83ex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18760?format=api", "vulnerability_id": "VCID-hmk7-eeaw-syfw", "summary": "Improper Check for Unusual or Exceptional Conditions\nIssue summary: Generating excessively long X9.42 DH keys or checking\nexcessively long X9.42 DH keys or parameters may be very slow.\n\nImpact summary: Applications that use the functions DH_generate_key() to\ngenerate an X9.42 DH key may experience long delays. Likewise, applications\nthat use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check()\nto check an X9.42 DH key or X9.42 DH parameters may experience long delays.\nWhere the key or parameters that are being checked have been obtained from\nan untrusted source this may lead to a Denial of Service.\n\nWhile DH_check() performs all the necessary checks (as of CVE-2023-3817),\nDH_check_pub_key() does not make any of these checks, and is therefore\nvulnerable for excessively large P and Q parameters.\n\nLikewise, while DH_generate_key() performs a check for an excessively large\nP, it does not check for an excessively large Q.\n\nAn application that calls DH_generate_key() or DH_check_pub_key() and\nsupplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nDH_generate_key() and DH_check_pub_key() are also called by a number of\nother OpenSSL functions. An application calling any of those other\nfunctions may similarly be affected. The other functions affected by this\nare DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate().\n\nAlso vulnerable are the OpenSSL pkey command line application when using the\n\"-pubcheck\" option, as well as the OpenSSL genpkey command line application.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5678.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5678.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5678", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67795", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5678" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6" }, { "reference_url": "https://www.openssl.org/news/secadv/20231106.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/" } ], "url": "https://www.openssl.org/news/secadv/20231106.txt" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055473", "reference_id": "1055473", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055473" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248616", "reference_id": "2248616", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248616" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5678", "reference_id": "CVE-2023-5678", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5678" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7877", "reference_id": "RHSA-2023:7877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0154", "reference_id": "RHSA-2024:0154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0208", "reference_id": "RHSA-2024:0208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1316", "reference_id": "RHSA-2024:1316", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1316" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1317", "reference_id": "RHSA-2024:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1318", "reference_id": "RHSA-2024:1318", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1318" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1319", "reference_id": "RHSA-2024:1319", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1319" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1325", "reference_id": "RHSA-2024:1325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2447", "reference_id": "RHSA-2024:2447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2447" }, { "reference_url": "https://usn.ubuntu.com/6622-1/", "reference_id": "USN-6622-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6622-1/" }, { "reference_url": "https://usn.ubuntu.com/6632-1/", "reference_id": "USN-6632-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6632-1/" }, { "reference_url": "https://usn.ubuntu.com/6709-1/", "reference_id": "USN-6709-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6709-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201327?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201328?format=api", "purl": "pkg:deb/debian/openssl@3.0.12-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.12-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201326?format=api", "purl": "pkg:deb/debian/openssl@3.0.13-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.13-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-5678" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hmk7-eeaw-syfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/103000?format=api", "vulnerability_id": "VCID-hnpg-1dqm-cuar", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2176", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06781", "scoring_system": "epss", "scoring_elements": "0.91453", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2176" }, { "reference_url": "https://security.gentoo.org/glsa/201612-16", "reference_id": "GLSA-201612-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-16" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2176" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hnpg-1dqm-cuar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6330?format=api", "vulnerability_id": "VCID-hsa9-h7sd-bua4", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3731", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10401", "scoring_system": "epss", "scoring_elements": "0.93336", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3731" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201701-36", "reference_id": "ASA-201701-36", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-36" }, { "reference_url": "https://security.archlinux.org/ASA-201701-37", "reference_id": "ASA-201701-37", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-37" }, { "reference_url": "https://security.archlinux.org/AVG-154", "reference_id": "AVG-154", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-154" }, { "reference_url": "https://security.archlinux.org/AVG-155", "reference_id": "AVG-155", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-155" }, { "reference_url": "https://security.gentoo.org/glsa/201702-07", "reference_id": "GLSA-201702-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-07" }, { "reference_url": "https://usn.ubuntu.com/3181-1/", "reference_id": "USN-3181-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3181-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201288?format=api", "purl": "pkg:deb/debian/openssl@1.1.0d-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0d-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-3731" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hsa9-h7sd-bua4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83717?format=api", "vulnerability_id": "VCID-hy5g-bynn-wfhq", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6449", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.46976", "scoring_system": "epss", "scoring_elements": "0.97726", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732754", "reference_id": "732754", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732754" }, { "reference_url": "https://security.gentoo.org/glsa/201412-39", "reference_id": "GLSA-201412-39", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-39" }, { "reference_url": "https://usn.ubuntu.com/2079-1/", "reference_id": "USN-2079-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2079-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201267?format=api", "purl": "pkg:deb/debian/openssl@1.0.1e-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1e-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-6449" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hy5g-bynn-wfhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100766?format=api", "vulnerability_id": "VCID-hzxr-v1ke-93a7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0702", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64437", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0702" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2842" }, { "reference_url": "https://security.gentoo.org/glsa/201603-15", "reference_id": "GLSA-201603-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-15" }, { "reference_url": "https://usn.ubuntu.com/2914-1/", "reference_id": "USN-2914-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2914-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201281?format=api", "purl": "pkg:deb/debian/openssl@1.0.2g-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2g-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-0702" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hzxr-v1ke-93a7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6234?format=api", "vulnerability_id": "VCID-jeds-7f5h-13c3", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3736", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08287", "scoring_system": "epss", "scoring_elements": "0.92375", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3736" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:C/I:C/A:N" }, { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201711-14", "reference_id": "ASA-201711-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-14" }, { "reference_url": "https://security.archlinux.org/ASA-201711-15", "reference_id": "ASA-201711-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-15" }, { "reference_url": "https://security.archlinux.org/AVG-477", "reference_id": "AVG-477", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-477" }, { "reference_url": "https://security.archlinux.org/AVG-478", "reference_id": "AVG-478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-478" }, { "reference_url": "https://security.gentoo.org/glsa/201712-03", "reference_id": "GLSA-201712-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201712-03" }, { "reference_url": "https://usn.ubuntu.com/3475-1/", "reference_id": "USN-3475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3475-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201290?format=api", "purl": "pkg:deb/debian/openssl@1.1.0g-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0g-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-3736" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jeds-7f5h-13c3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62064?format=api", "vulnerability_id": "VCID-jjne-qpe9-r7g4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3245", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19914", "scoring_system": "epss", "scoring_elements": "0.9557", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3245" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575433", "reference_id": "575433", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575433" }, { "reference_url": "https://security.gentoo.org/glsa/201110-01", "reference_id": "GLSA-201110-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-01" }, { "reference_url": "https://usn.ubuntu.com/1003-1/", "reference_id": "USN-1003-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1003-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201249?format=api", "purl": "pkg:deb/debian/openssl@0.9.8m-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8m-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-3245" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jjne-qpe9-r7g4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15807?format=api", "vulnerability_id": "VCID-jmd8-78nq-vfg1", "summary": "Improper Resource Shutdown or Release\nThe `OPENSSL_LH_flush()` function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. This function is used when decoding certificates or keys. If a long lived process periodically decodes certificates or keys its memory usage will expand without bounds and the process might be terminated by the operating system causing a denial of service. Also traversing the empty hash table entries will take increasingly more time. Typically such long lived processes might be TLS clients or TLS servers configured to accept client certificate authentication.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1473", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.51159", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1473" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/github/advisory-database/issues/405", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/github/advisory-database/issues/405" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=64c85430f95200b6b51fe9475bd5203f7c19daf1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=64c85430f95200b6b51fe9475bd5203f7c19daf1" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2022-0025.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2022-0025.html" }, { "reference_url": "https://security.gentoo.org/glsa/202210-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/" } ], "url": "https://security.gentoo.org/glsa/202210-02" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220602-0009", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220602-0009" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220602-0009/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220602-0009/" }, { "reference_url": "https://www.openssl.org/news/secadv/20220503.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/" } ], "url": "https://www.openssl.org/news/secadv/20220503.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1473", "reference_id": "CVE-2022-1473", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1473" }, { "reference_url": "https://github.com/advisories/GHSA-g323-fr93-4j3c", "reference_id": "GHSA-g323-fr93-4j3c", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g323-fr93-4j3c" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=64c85430f95200b6b51fe9475bd5203f7c19daf1", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=64c85430f95200b6b51fe9475bd5203f7c19daf1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=64c85430f95200b6b51fe9475bd5203f7c19daf1" }, { "reference_url": "https://usn.ubuntu.com/5402-1/", "reference_id": "USN-5402-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5402-1/" }, { "reference_url": "https://usn.ubuntu.com/5402-2/", "reference_id": "USN-5402-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5402-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-1473", "GHSA-g323-fr93-4j3c" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jmd8-78nq-vfg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95347?format=api", "vulnerability_id": "VCID-k2bb-9vkx-d3c4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3216", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01559", "scoring_system": "epss", "scoring_elements": "0.81775", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3216" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-3216" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k2bb-9vkx-d3c4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42882?format=api", "vulnerability_id": "VCID-k3ne-tx22-ubdw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-4343", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06929", "scoring_system": "epss", "scoring_elements": "0.91549", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-4343" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=389940", "reference_id": "389940", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=389940" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/4773.pl", "reference_id": "CVE-2006-4343", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/4773.pl" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/28726.pl", "reference_id": "CVE-2006-4343;OSVDB-29263", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/28726.pl" }, { "reference_url": "https://www.securityfocus.com/bid/20246/info", "reference_id": "CVE-2006-4343;OSVDB-29263", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/20246/info" }, { "reference_url": "https://security.gentoo.org/glsa/200610-11", "reference_id": "GLSA-200610-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200610-11" }, { "reference_url": "https://security.gentoo.org/glsa/200612-11", "reference_id": "GLSA-200612-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200612-11" }, { "reference_url": "https://usn.ubuntu.com/353-1/", "reference_id": "USN-353-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/353-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201234?format=api", "purl": "pkg:deb/debian/openssl@0.9.8c-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8c-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-4343" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k3ne-tx22-ubdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59734?format=api", "vulnerability_id": "VCID-k6jf-wvmy-bfcu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0789", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02727", "scoring_system": "epss", "scoring_elements": "0.86202", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0789" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-0789" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k6jf-wvmy-bfcu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95329?format=api", "vulnerability_id": "VCID-k74a-s25h-2yfu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3193", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.27588", "scoring_system": "epss", "scoring_elements": "0.96517", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3193" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201601-05", "reference_id": "GLSA-201601-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201601-05" }, { "reference_url": "https://usn.ubuntu.com/2830-1/", "reference_id": "USN-2830-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2830-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201279?format=api", "purl": "pkg:deb/debian/openssl@1.0.2e-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2e-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-3193" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k74a-s25h-2yfu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64537?format=api", "vulnerability_id": "VCID-kdkn-cfkr-y3cj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0742", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.22108", "scoring_system": "epss", "scoring_elements": "0.95889", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0742" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584592", "reference_id": "584592", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584592" }, { "reference_url": "https://security.gentoo.org/glsa/201110-01", "reference_id": "GLSA-201110-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201253?format=api", "purl": "pkg:deb/debian/openssl@1.0.0e-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0e-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-0742" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kdkn-cfkr-y3cj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/932?format=api", "vulnerability_id": "VCID-kjhy-j2ux-bfg9", "summary": "arbitrary command execution", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2068", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20216", "scoring_system": "epss", "scoring_elements": "0.95612", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2068" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.openssl.org/news/secadv/20220621.txt", "reference_id": "20220621.txt", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:34Z/" } ], "url": "https://www.openssl.org/news/secadv/20220621.txt" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", "reference_id": "6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:34Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/" }, { "reference_url": "https://security.archlinux.org/AVG-2765", "reference_id": "AVG-2765", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2765" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5169", "reference_id": "dsa-5169", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:34Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5169" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220707-0008/", "reference_id": "ntap-20220707-0008", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:34Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220707-0008/" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfa", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfa", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:34Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfa" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:34Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:34Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7" }, { "reference_url": "https://usn.ubuntu.com/5488-1/", "reference_id": "USN-5488-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5488-1/" }, { "reference_url": "https://usn.ubuntu.com/5488-2/", "reference_id": "USN-5488-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5488-2/" }, { "reference_url": "https://usn.ubuntu.com/6457-1/", "reference_id": "USN-6457-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6457-1/" }, { "reference_url": "https://usn.ubuntu.com/7018-1/", "reference_id": "USN-7018-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7018-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", "reference_id": "VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:34Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201312?format=api", "purl": "pkg:deb/debian/openssl@1.1.1n-0%2Bdeb11u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201311?format=api", "purl": "pkg:deb/debian/openssl@3.0.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-2068" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kjhy-j2ux-bfg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6360?format=api", "vulnerability_id": "VCID-kkve-1y8t-fuew", "summary": "denial of service", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7052", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0987", "scoring_system": "epss", "scoring_elements": "0.93119", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7052" }, { "reference_url": "https://security.archlinux.org/ASA-201609-28", "reference_id": "ASA-201609-28", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-28" }, { "reference_url": "https://security.archlinux.org/ASA-201609-30", "reference_id": "ASA-201609-30", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-30" }, { "reference_url": "https://security.archlinux.org/AVG-33", "reference_id": "AVG-33", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-33" }, { "reference_url": "https://security.archlinux.org/AVG-34", "reference_id": "AVG-34", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-34" }, { "reference_url": "https://security.gentoo.org/glsa/201612-16", "reference_id": "GLSA-201612-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-16" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201285?format=api", "purl": "pkg:deb/debian/openssl@1.0.2j-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2j-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-7052" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kkve-1y8t-fuew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17201?format=api", "vulnerability_id": "VCID-kpk3-xbcc-jfg8", "summary": "Improper Certificate Validation\nApplications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0465.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0465.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0465", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00536", "scoring_system": "epss", "scoring_elements": "0.67765", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0465" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c" }, { "reference_url": "https://www.openssl.org/news/secadv/20230328.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/" } ], "url": "https://www.openssl.org/news/secadv/20230328.txt" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034720", "reference_id": "1034720", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034720" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182561", "reference_id": "2182561", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182561" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465", "reference_id": "CVE-2023-0465", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230414-0001/", "reference_id": "ntap-20230414-0001", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230414-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3722", "reference_id": "RHSA-2023:3722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7622", "reference_id": "RHSA-2023:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7623", "reference_id": "RHSA-2023:7623", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7623" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7625", "reference_id": "RHSA-2023:7625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7626", "reference_id": "RHSA-2023:7626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7626" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201320?format=api", "purl": "pkg:deb/debian/openssl@1.1.1n-0%2Bdeb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201319?format=api", "purl": "pkg:deb/debian/openssl@3.0.9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-0465" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kpk3-xbcc-jfg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1088?format=api", "vulnerability_id": "VCID-krjg-v5jv-57h1", "summary": "certificate verification bypass", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4575", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22975", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4575" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106322", "reference_id": "1106322", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106322" }, { "reference_url": "https://openssl-library.org/news/secadv/20250522.txt", "reference_id": "20250522.txt", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-22T14:30:40Z/" } ], "url": "https://openssl-library.org/news/secadv/20250522.txt" }, { "reference_url": "https://security.archlinux.org/AVG-2882", "reference_id": "AVG-2882", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2882" }, { "reference_url": "https://github.com/openssl/openssl/commit/e96d22446e633d117e6c9904cb15b4693e956eaa", "reference_id": "e96d22446e633d117e6c9904cb15b4693e956eaa", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-22T14:30:40Z/" } ], "url": "https://github.com/openssl/openssl/commit/e96d22446e633d117e6c9904cb15b4693e956eaa" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201343?format=api", "purl": "pkg:deb/debian/openssl@3.5.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4575" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-krjg-v5jv-57h1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95333?format=api", "vulnerability_id": "VCID-ksmh-ztpp-9qak", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3197", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14195", "scoring_system": "epss", "scoring_elements": "0.94498", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3197" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201601-05", "reference_id": "GLSA-201601-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201601-05" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201276?format=api", "purl": "pkg:deb/debian/openssl@1.0.0c-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0c-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-3197" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ksmh-ztpp-9qak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94167?format=api", "vulnerability_id": "VCID-kz4g-9jw2-e3ds", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1791", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10249", "scoring_system": "epss", "scoring_elements": "0.93278", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000" }, { "reference_url": "https://security.gentoo.org/glsa/201506-02", "reference_id": "GLSA-201506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201506-02" }, { "reference_url": "https://usn.ubuntu.com/2639-1/", "reference_id": "USN-2639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2639-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201277?format=api", "purl": "pkg:deb/debian/openssl@1.0.2b-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2b-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-1791" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kz4g-9jw2-e3ds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5046?format=api", "vulnerability_id": "VCID-m27k-yxxk-mbc6", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1292", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.38894", "scoring_system": "epss", "scoring_elements": "0.97335", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1292" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23" }, { "reference_url": "https://www.openssl.org/news/secadv/20220503.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:35Z/" } ], "url": "https://www.openssl.org/news/secadv/20220503.txt" }, { "reference_url": "https://security.archlinux.org/AVG-2702", "reference_id": "AVG-2702", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2702" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", "reference_id": "CVE-2022-1292", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5139", "reference_id": "dsa-5139", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:35Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5139" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", "reference_id": "msg00019.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:35Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:35Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=548d3f280a6e737673f5b61fce24bb100108dfeb", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=548d3f280a6e737673f5b61fce24bb100108dfeb", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:35Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=548d3f280a6e737673f5b61fce24bb100108dfeb" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:35Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", "reference_id": "SNWLID-2022-0011", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:35Z/" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011" }, { "reference_url": "https://usn.ubuntu.com/5402-1/", "reference_id": "USN-5402-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5402-1/" }, { "reference_url": "https://usn.ubuntu.com/5402-2/", "reference_id": "USN-5402-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5402-2/" }, { "reference_url": "https://usn.ubuntu.com/6457-1/", "reference_id": "USN-6457-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6457-1/" }, { "reference_url": "https://usn.ubuntu.com/7018-1/", "reference_id": "USN-7018-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7018-1/" }, { "reference_url": "https://usn.ubuntu.com/7060-1/", "reference_id": "USN-7060-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7060-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", "reference_id": "VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", "reference_id": "ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201310?format=api", "purl": "pkg:deb/debian/openssl@1.1.1n-0%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201309?format=api", "purl": "pkg:deb/debian/openssl@1.1.1o-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1o-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-1292" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m27k-yxxk-mbc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/315012?format=api", "vulnerability_id": "VCID-m28e-hawn-wqhh", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69418.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69418.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-69418", "reference_id": "", "reference_type": "", "scores": [ { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.01084", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-69418" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://openssl-library.org/news/secadv/20260127.txt", "reference_id": "20260127.txt", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:06:43Z/" } ], "url": "https://openssl-library.org/news/secadv/20260127.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "reference_id": "2430381", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430381" }, { "reference_url": "https://github.com/openssl/openssl/commit/372fc5c77529695b05b4f5b5187691a57ef5dffc", "reference_id": "372fc5c77529695b05b4f5b5187691a57ef5dffc", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:06:43Z/" } ], "url": "https://github.com/openssl/openssl/commit/372fc5c77529695b05b4f5b5187691a57ef5dffc" }, { "reference_url": "https://github.com/openssl/openssl/commit/4016975d4469cd6b94927c607f7c511385f928d8", "reference_id": "4016975d4469cd6b94927c607f7c511385f928d8", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:06:43Z/" } ], "url": "https://github.com/openssl/openssl/commit/4016975d4469cd6b94927c607f7c511385f928d8" }, { "reference_url": "https://github.com/openssl/openssl/commit/52d23c86a54adab5ee9f80e48b242b52c4cc2347", "reference_id": "52d23c86a54adab5ee9f80e48b242b52c4cc2347", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:06:43Z/" } ], "url": "https://github.com/openssl/openssl/commit/52d23c86a54adab5ee9f80e48b242b52c4cc2347" }, { "reference_url": "https://github.com/openssl/openssl/commit/a7589230356d908c0eca4b969ec4f62106f4f5ae", "reference_id": "a7589230356d908c0eca4b969ec4f62106f4f5ae", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:06:43Z/" } ], "url": "https://github.com/openssl/openssl/commit/a7589230356d908c0eca4b969ec4f62106f4f5ae" }, { "reference_url": "https://github.com/openssl/openssl/commit/ed40856d7d4ba6cb42779b6770666a65f19cb977", "reference_id": "ed40856d7d4ba6cb42779b6770666a65f19cb977", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:06:43Z/" } ], "url": "https://github.com/openssl/openssl/commit/ed40856d7d4ba6cb42779b6770666a65f19cb977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1472", "reference_id": "RHSA-2026:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1473", "reference_id": "RHSA-2026:1473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1736", "reference_id": "RHSA-2026:1736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2485", "reference_id": "RHSA-2026:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2563", "reference_id": "RHSA-2026:2563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3228", "reference_id": "RHSA-2026:3228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/7980-1/", "reference_id": "USN-7980-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7980-1/" }, { "reference_url": "https://usn.ubuntu.com/7980-2/", "reference_id": "USN-7980-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7980-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201344?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201341?format=api", "purl": "pkg:deb/debian/openssl@3.0.18-1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201340?format=api", "purl": "pkg:deb/debian/openssl@3.5.4-1~deb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1~deb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201339?format=api", "purl": "pkg:deb/debian/openssl@3.5.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-69418" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m28e-hawn-wqhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100817?format=api", "vulnerability_id": "VCID-m2yv-rccq-nqhu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0800", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.90348", "scoring_system": "epss", "scoring_elements": "0.99617", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0800" }, { "reference_url": "https://security.gentoo.org/glsa/201603-15", "reference_id": "GLSA-201603-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-15" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201276?format=api", "purl": "pkg:deb/debian/openssl@1.0.0c-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0c-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-0800" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m2yv-rccq-nqhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/117322?format=api", "vulnerability_id": "VCID-marq-4dtx-buce", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3733", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03097", "scoring_system": "epss", "scoring_elements": "0.87027", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3733" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201289?format=api", "purl": "pkg:deb/debian/openssl@1.1.0e-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0e-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-3733" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-marq-4dtx-buce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6561?format=api", "vulnerability_id": "VCID-mcap-uf4h-vfch", "summary": "information disclosure", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1543", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03184", "scoring_system": "epss", "scoring_elements": "0.87193", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1543" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201906-6", "reference_id": "ASA-201906-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201906-6" }, { "reference_url": "https://security.archlinux.org/ASA-201906-7", "reference_id": "ASA-201906-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201906-7" }, { "reference_url": "https://security.archlinux.org/AVG-919", "reference_id": "AVG-919", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-919" }, { "reference_url": "https://security.archlinux.org/AVG-920", "reference_id": "AVG-920", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-920" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201296?format=api", "purl": "pkg:deb/debian/openssl@1.1.1c-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1c-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-1543" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mcap-uf4h-vfch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16825?format=api", "vulnerability_id": "VCID-mcrj-f2ds-c3d3", "summary": "NULL Pointer Dereference\nA NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail. There is a missing check for the return value from the initialization function which later leads to invalid usage of the digest API most likely leading to a crash. The unavailability of an algorithm can be caused by using FIPS enabled configuration of providers or more commonly by not loading the legacy provider. PKCS7 data is processed by the SMIME library calls and also by the time stamp (TS) library calls. The TLS implementation in OpenSSL does not call these functions however third party applications would be affected if they call these functions to verify signatures on untrusted data.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0401.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0401.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0401", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0069", "scoring_system": "epss", "scoring_elements": "0.72117", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0401" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/alexcrichton/openssl-src-rs", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/alexcrichton/openssl-src-rs" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d3b6dfd70db844c4499bec6ad6601623a565e674", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:52Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d3b6dfd70db844c4499bec6ad6601623a565e674" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2023-0013.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2023-0013.html" }, { "reference_url": "https://security.gentoo.org/glsa/202402-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:52Z/" } ], "url": "https://security.gentoo.org/glsa/202402-08" }, { "reference_url": "https://www.openssl.org/news/secadv/20230207.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:52Z/" } ], "url": "https://www.openssl.org/news/secadv/20230207.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500", "reference_id": "2164500", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0401", "reference_id": "CVE-2023-0401", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0946", "reference_id": "RHSA-2023:0946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1199", "reference_id": "RHSA-2023:1199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1199" }, { "reference_url": "https://usn.ubuntu.com/5844-1/", "reference_id": "USN-5844-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5844-1/" }, { "reference_url": "https://usn.ubuntu.com/6564-1/", "reference_id": "USN-6564-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6564-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201318?format=api", "purl": "pkg:deb/debian/openssl@3.0.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-0401", "GHSA-vrh7-x64v-7vxq" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mcrj-f2ds-c3d3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/318508?format=api", "vulnerability_id": "VCID-mg72-e4j7-4yax", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9231.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9231.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9231", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10525", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9231" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://openssl-library.org/news/secadv/20250930.txt", "reference_id": "20250930.txt", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:27:45Z/" } ], "url": "https://openssl-library.org/news/secadv/20250930.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396055", "reference_id": "2396055", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396055" }, { "reference_url": "https://github.com/openssl/openssl/commit/567f64386e43683888212226824b6a179885a0fe", "reference_id": "567f64386e43683888212226824b6a179885a0fe", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:27:45Z/" } ], "url": "https://github.com/openssl/openssl/commit/567f64386e43683888212226824b6a179885a0fe" }, { "reference_url": "https://github.com/openssl/openssl/commit/cba616c26ac8e7b37de5e77762e505ba5ca51698", "reference_id": "cba616c26ac8e7b37de5e77762e505ba5ca51698", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:27:45Z/" } ], "url": "https://github.com/openssl/openssl/commit/cba616c26ac8e7b37de5e77762e505ba5ca51698" }, { "reference_url": "https://github.com/openssl/openssl/commit/eed5adc9f969d77c94f213767acbb41ff923b6f4", "reference_id": "eed5adc9f969d77c94f213767acbb41ff923b6f4", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:27:45Z/" } ], "url": "https://github.com/openssl/openssl/commit/eed5adc9f969d77c94f213767acbb41ff923b6f4" }, { "reference_url": "https://github.com/openssl/openssl/commit/fc47a2ec078912b3e914fab5734535e76c4820c2", "reference_id": "fc47a2ec078912b3e914fab5734535e76c4820c2", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:27:45Z/" } ], "url": "https://github.com/openssl/openssl/commit/fc47a2ec078912b3e914fab5734535e76c4820c2" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/7786-1/", "reference_id": "USN-7786-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7786-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201348?format=api", "purl": "pkg:deb/debian/openssl@3.5.1-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.1-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201347?format=api", "purl": "pkg:deb/debian/openssl@3.5.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-9231" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mg72-e4j7-4yax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71622?format=api", "vulnerability_id": "VCID-mk4c-hr1h-ubaf", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3210", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05863", "scoring_system": "epss", "scoring_elements": "0.90705", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3210" }, { "reference_url": "https://security.gentoo.org/glsa/201110-01", "reference_id": "GLSA-201110-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-01" }, { "reference_url": "https://usn.ubuntu.com/1357-1/", "reference_id": "USN-1357-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1357-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201253?format=api", "purl": "pkg:deb/debian/openssl@1.0.0e-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0e-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-3210" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mk4c-hr1h-ubaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/325438?format=api", "vulnerability_id": "VCID-mnvc-6qng-ufbb", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28390.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28390.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28390", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.3377", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28390" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc", "reference_id": "01194a8f1941115cd0383bfa91c736dd3993c8bc", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/" } ], "url": "https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc" }, { "reference_url": "https://openssl-library.org/news/secadv/20260407.txt", "reference_id": "20260407.txt", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/" } ], "url": "https://openssl-library.org/news/secadv/20260407.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456314", "reference_id": "2456314", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456314" }, { "reference_url": "https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6", "reference_id": "2e39b7a6993be445fddb9fbce316fa756e0397b6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/" } ], "url": "https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6" }, { "reference_url": "https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4", "reference_id": "af2a5fecd3e71a29e7568f9c1453dec5cebbaff4", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/" } ], "url": "https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4" }, { "reference_url": "https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788", "reference_id": "ea7b4ea4f9f853521ba34830cbcadc970d2e0788", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/" } ], "url": "https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788" }, { "reference_url": "https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75", "reference_id": "fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/" } ], "url": "https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14217", "reference_id": "RHSA-2026:14217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14937", "reference_id": "RHSA-2026:14937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/8155-1/", "reference_id": "USN-8155-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8155-1/" }, { "reference_url": "https://usn.ubuntu.com/8155-2/", "reference_id": "USN-8155-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8155-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201350?format=api", "purl": "pkg:deb/debian/openssl@3.0.19-1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.19-1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201349?format=api", "purl": "pkg:deb/debian/openssl@3.5.5-1~deb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-28390" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mnvc-6qng-ufbb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/117321?format=api", "vulnerability_id": "VCID-mrf2-6pcu-y3c2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3730", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.53046", "scoring_system": "epss", "scoring_elements": "0.98007", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3730" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/guidovranken/CVE-2017-3730/blob/98cca4c8c706c6b3ff8b6f2fc9fb2e8c956f3263/crash-postfix.c", "reference_id": "CVE-2017-3730", "reference_type": "exploit", "scores": [], "url": "https://github.com/guidovranken/CVE-2017-3730/blob/98cca4c8c706c6b3ff8b6f2fc9fb2e8c956f3263/crash-postfix.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41192.c", "reference_id": "CVE-2017-3730", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41192.c" }, { "reference_url": "https://security.gentoo.org/glsa/201702-07", "reference_id": "GLSA-201702-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-07" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201288?format=api", "purl": "pkg:deb/debian/openssl@1.1.0d-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0d-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-3730" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mrf2-6pcu-y3c2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6331?format=api", "vulnerability_id": "VCID-mx3t-ryqu-rfc8", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7055", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02693", "scoring_system": "epss", "scoring_elements": "0.86123", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7055" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201701-36", "reference_id": "ASA-201701-36", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-36" }, { "reference_url": "https://security.archlinux.org/ASA-201701-37", "reference_id": "ASA-201701-37", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-37" }, { "reference_url": "https://security.archlinux.org/AVG-154", "reference_id": "AVG-154", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-154" }, { "reference_url": "https://security.archlinux.org/AVG-155", "reference_id": "AVG-155", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-155" }, { "reference_url": "https://security.archlinux.org/AVG-67", "reference_id": "AVG-67", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-67" }, { "reference_url": "https://security.archlinux.org/AVG-68", "reference_id": "AVG-68", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-68" }, { "reference_url": "https://security.gentoo.org/glsa/201702-07", "reference_id": "GLSA-201702-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-07" }, { "reference_url": "https://usn.ubuntu.com/3181-1/", "reference_id": "USN-3181-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3181-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201286?format=api", "purl": "pkg:deb/debian/openssl@1.1.0c-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0c-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-7055" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mx3t-ryqu-rfc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92683?format=api", "vulnerability_id": "VCID-mz3b-3egv-yuh9", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0291", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.28029", "scoring_system": "epss", "scoring_elements": "0.96556", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0291" }, { "reference_url": "https://security.gentoo.org/glsa/201503-11", "reference_id": "GLSA-201503-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-11" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-0291" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mz3b-3egv-yuh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17721?format=api", "vulnerability_id": "VCID-n7dz-yhyf-n7e7", "summary": "Allocation of Resources Without Limits or Throttling\nIssue summary: Processing some specially crafted ASN.1 object identifiers or\ndata containing them may be very slow.\n\nImpact summary: Applications that use OBJ_obj2txt() directly, or use any of\nthe OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message\nsize limit may experience notable to very long delays when processing those\nmessages, which may lead to a Denial of Service.\n\nAn OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers -\nmost of which have no size limit. OBJ_obj2txt() may be used to translate\nan ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL\ntype ASN1_OBJECT) to its canonical numeric text form, which are the\nsub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by\nperiods.\n\nWhen one of the sub-identifiers in the OBJECT IDENTIFIER is very large\n(these are sizes that are seen as absurdly large, taking up tens or hundreds\nof KiBs), the translation to a decimal number in text may take a very long\ntime. The time complexity is O(n^2) with 'n' being the size of the\nsub-identifiers in bytes (*).\n\nWith OpenSSL 3.0, support to fetch cryptographic algorithms using names /\nidentifiers in string form was introduced. This includes using OBJECT\nIDENTIFIERs in canonical numeric text form as identifiers for fetching\nalgorithms.\n\nSuch OBJECT IDENTIFIERs may be received through the ASN.1 structure\nAlgorithmIdentifier, which is commonly used in multiple protocols to specify\nwhat cryptographic algorithm should be used to sign or verify, encrypt or\ndecrypt, or digest passed data.\n\nApplications that call OBJ_obj2txt() directly with untrusted data are\naffected, with any version of OpenSSL. If the use is for the mere purpose\nof display, the severity is considered low.\n\nIn OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME,\nCMS, CMP/CRMF or TS. It also impacts anything that processes X.509\ncertificates, including simple things like verifying its signature.\n\nThe impact on TLS is relatively low, because all versions of OpenSSL have a\n100KiB limit on the peer's certificate chain. Additionally, this only\nimpacts clients, or servers that have explicitly enabled client\nauthentication.\n\nIn OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects,\nsuch as X.509 certificates. This is assumed to not happen in such a way\nthat it would cause a Denial of Service, so these versions are considered\nnot affected by this issue in such a way that it would be cause for concern,\nand the severity is therefore considered low.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2650.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2650.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2650", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.92129", "scoring_system": "epss", "scoring_elements": "0.99723", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2650" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:55:48Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:55:48Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:55:48Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:55:48Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5417", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:55:48Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5417" }, { "reference_url": "https://www.openssl.org/news/secadv/20230530.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:55:48Z/" } ], "url": "https://www.openssl.org/news/secadv/20230530.txt" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/05/30/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:55:48Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/05/30/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207947", "reference_id": "2207947", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207947" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", "reference_id": "CVE-2023-2650", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:55:48Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230703-0001/", "reference_id": "ntap-20230703-0001", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:55:48Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230703-0001/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231027-0009/", "reference_id": "ntap-20231027-0009", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:55:48Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231027-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3722", "reference_id": "RHSA-2023:3722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6330", "reference_id": "RHSA-2023:6330", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6330" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7622", "reference_id": "RHSA-2023:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7623", "reference_id": "RHSA-2023:7623", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7623" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7625", "reference_id": "RHSA-2023:7625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7626", "reference_id": "RHSA-2023:7626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7626" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", "reference_id": "SNWLID-2023-0009", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:55:48Z/" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009" }, { "reference_url": "https://usn.ubuntu.com/6119-1/", "reference_id": "USN-6119-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6119-1/" }, { "reference_url": "https://usn.ubuntu.com/6188-1/", "reference_id": "USN-6188-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6188-1/" }, { "reference_url": "https://usn.ubuntu.com/6672-1/", "reference_id": "USN-6672-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6672-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201320?format=api", "purl": "pkg:deb/debian/openssl@1.1.1n-0%2Bdeb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201319?format=api", "purl": "pkg:deb/debian/openssl@3.0.9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-2650" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n7dz-yhyf-n7e7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19217?format=api", "vulnerability_id": "VCID-n7xs-mgeg-jued", "summary": "Out-of-bounds Write\nIssue summary: The POLY1305 MAC (message authentication code) implementation\ncontains a bug that might corrupt the internal state of applications running\non PowerPC CPU based platforms if the CPU provides vector instructions.\n\nImpact summary: If an attacker can influence whether the POLY1305 MAC\nalgorithm is used, the application state might be corrupted with various\napplication dependent consequences.\n\nThe POLY1305 MAC (message authentication code) implementation in OpenSSL for\nPowerPC CPUs restores the contents of vector registers in a different order\nthan they are saved. Thus the contents of some of these vector registers\nare corrupted when returning to the caller. The vulnerable code is used only\non newer PowerPC processors supporting the PowerISA 2.07 instructions.\n\nThe consequences of this kind of internal application state corruption can\nbe various - from no consequences, if the calling application does not\ndepend on the contents of non-volatile XMM registers at all, to the worst\nconsequences, where the attacker could get complete control of the application\nprocess. However unless the compiler uses the vector registers for storing\npointers, the most likely consequence, if any, would be an incorrect result\nof some application dependent calculations or a crash leading to a denial of\nservice.\n\nThe POLY1305 MAC algorithm is most frequently used as part of the\nCHACHA20-POLY1305 AEAD (authenticated encryption with associated data)\nalgorithm. The most common usage of this AEAD cipher is with TLS protocol\nversions 1.2 and 1.3. If this cipher is enabled on the server a malicious\nclient can influence whether this AEAD cipher is used. This implies that\nTLS server applications using OpenSSL can be potentially impacted. However\nwe are currently not aware of any concrete application that would be affected\nby this issue therefore we consider this a Low severity security issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6129.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6129.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6129", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0342", "scoring_system": "epss", "scoring_elements": "0.87654", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6129" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/openssl/openssl/commit/050d26383d4e264966fb83428e72d5d48f402d35", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-22T14:31:57Z/" } ], "url": "https://github.com/openssl/openssl/commit/050d26383d4e264966fb83428e72d5d48f402d35" }, { "reference_url": "https://github.com/openssl/openssl/commit/5b139f95c9a47a55a0c54100f3837b1eee942b04", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-22T14:31:57Z/" } ], "url": "https://github.com/openssl/openssl/commit/5b139f95c9a47a55a0c54100f3837b1eee942b04" }, { "reference_url": "https://github.com/openssl/openssl/commit/f3fc5808fe9ff74042d639839610d03b8fdcc015", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-22T14:31:57Z/" } ], "url": "https://github.com/openssl/openssl/commit/f3fc5808fe9ff74042d639839610d03b8fdcc015" }, { "reference_url": "https://www.openssl.org/news/secadv/20240109.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-22T14:31:57Z/" } ], "url": "https://www.openssl.org/news/secadv/20240109.txt" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060347", "reference_id": "1060347", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060347" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257571", "reference_id": "2257571", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257571" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6129", "reference_id": "CVE-2023-6129", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2447", "reference_id": "RHSA-2024:2447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2447" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9088", "reference_id": "RHSA-2024:9088", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9088" }, { "reference_url": "https://usn.ubuntu.com/6622-1/", "reference_id": "USN-6622-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6622-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201326?format=api", "purl": "pkg:deb/debian/openssl@3.0.13-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.13-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201329?format=api", "purl": "pkg:deb/debian/openssl@3.1.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.1.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-6129" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n7xs-mgeg-jued" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41546?format=api", "vulnerability_id": "VCID-nagb-h6pn-g3cc", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2940", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02909", "scoring_system": "epss", "scoring_elements": "0.86615", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2940" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=389940", "reference_id": "389940", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=389940" }, { "reference_url": "https://security.gentoo.org/glsa/200610-11", "reference_id": "GLSA-200610-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200610-11" }, { "reference_url": "https://security.gentoo.org/glsa/200612-11", "reference_id": "GLSA-200612-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200612-11" }, { "reference_url": "https://usn.ubuntu.com/353-1/", "reference_id": "USN-353-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/353-1/" }, { "reference_url": "https://usn.ubuntu.com/353-2/", "reference_id": "USN-353-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/353-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201234?format=api", "purl": "pkg:deb/debian/openssl@0.9.8c-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8c-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-2940" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nagb-h6pn-g3cc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6220?format=api", "vulnerability_id": "VCID-nc9y-nrfj-qqam", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0739", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14445", "scoring_system": "epss", "scoring_elements": "0.94543", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0739" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201804-2", "reference_id": "ASA-201804-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201804-2" }, { "reference_url": "https://security.archlinux.org/AVG-540", "reference_id": "AVG-540", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-540" }, { "reference_url": "https://security.gentoo.org/glsa/201811-21", "reference_id": "GLSA-201811-21", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-21" }, { "reference_url": "https://security.gentoo.org/glsa/202007-53", "reference_id": "GLSA-202007-53", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-53" }, { "reference_url": "https://usn.ubuntu.com/3611-1/", "reference_id": "USN-3611-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3611-1/" }, { "reference_url": "https://usn.ubuntu.com/3611-2/", "reference_id": "USN-3611-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3611-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201291?format=api", "purl": "pkg:deb/debian/openssl@1.1.0h-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0h-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-0739" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nc9y-nrfj-qqam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102971?format=api", "vulnerability_id": "VCID-nh12-e4ez-4yee", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2109", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.59267", "scoring_system": "epss", "scoring_elements": "0.9827", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2109" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201612-16", "reference_id": "GLSA-201612-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-16" }, { "reference_url": "https://usn.ubuntu.com/2959-1/", "reference_id": "USN-2959-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2959-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201282?format=api", "purl": "pkg:deb/debian/openssl@1.0.2h-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2h-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2109" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nh12-e4ez-4yee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30479?format=api", "vulnerability_id": "VCID-npzc-u1br-pfat", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0543", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.43202", "scoring_system": "epss", "scoring_elements": "0.97562", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0543" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/146.c", "reference_id": "OSVDB-3949;CVE-2003-0543", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/146.c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201228?format=api", "purl": "pkg:deb/debian/openssl@0.9.7c?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.7c%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2003-0543" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-npzc-u1br-pfat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48657?format=api", "vulnerability_id": "VCID-nu4w-5f9y-wydj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3108", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.35955", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3108" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=438142", "reference_id": "438142", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=438142" }, { "reference_url": "https://security.gentoo.org/glsa/200710-06", "reference_id": "GLSA-200710-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200710-06" }, { "reference_url": "https://security.gentoo.org/glsa/201412-11", "reference_id": "GLSA-201412-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-11" }, { "reference_url": "https://usn.ubuntu.com/522-1/", "reference_id": "USN-522-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/522-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201237?format=api", "purl": "pkg:deb/debian/openssl@0.9.8e-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8e-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-3108" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nu4w-5f9y-wydj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86313?format=api", "vulnerability_id": "VCID-nvtu-jtah-tfbm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2234", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29243", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2234" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-2234" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nvtu-jtah-tfbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41545?format=api", "vulnerability_id": "VCID-p2am-g9tr-fbgc", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2937", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05111", "scoring_system": "epss", "scoring_elements": "0.89986", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2937" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=389940", "reference_id": "389940", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=389940" }, { "reference_url": "https://security.gentoo.org/glsa/200610-11", "reference_id": "GLSA-200610-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200610-11" }, { "reference_url": "https://security.gentoo.org/glsa/200612-11", "reference_id": "GLSA-200612-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200612-11" }, { "reference_url": "https://usn.ubuntu.com/353-1/", "reference_id": "USN-353-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/353-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201234?format=api", "purl": "pkg:deb/debian/openssl@0.9.8c-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8c-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-2937" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p2am-g9tr-fbgc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3790?format=api", "vulnerability_id": "VCID-p38v-5xbc-ukcp", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00504", "scoring_system": "epss", "scoring_elements": "0.66483", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3450" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/alexcrichton/openssl-src-rs", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/alexcrichton/openssl-src-rs" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b" }, { "reference_url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/" }, { "reference_url": "https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3450", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3450" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2021-0056.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2021-0056.html" }, { "reference_url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210326-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210326-0006" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210326-0006/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20210326-0006/" }, { "reference_url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd" }, { "reference_url": "https://www.openssl.org/news/secadv/20210325.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.openssl.org/news/secadv/20210325.txt" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://www.tenable.com/security/tns-2021-05", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2021-05" }, { "reference_url": "https://www.tenable.com/security/tns-2021-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2021-08" }, { "reference_url": "https://www.tenable.com/security/tns-2021-09", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2021-09" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/03/27/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2021/03/27/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/03/27/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2021/03/27/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/03/28/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2021/03/28/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/03/28/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2021/03/28/4" }, { "reference_url": "https://security.archlinux.org/ASA-202103-10", "reference_id": "ASA-202103-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202103-10" }, { "reference_url": "https://security.archlinux.org/AVG-1736", "reference_id": "AVG-1736", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1736" }, { "reference_url": "https://security.gentoo.org/glsa/202103-03", "reference_id": "GLSA-202103-03", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202103-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201303?format=api", "purl": "pkg:deb/debian/openssl@1.1.1k-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1k-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-3450", "GHSA-8hfj-xrj2-pm22" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p38v-5xbc-ukcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100769?format=api", "vulnerability_id": "VCID-p3u3-3gxw-eker", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0705", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21835", "scoring_system": "epss", "scoring_elements": "0.95852", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2842" }, { "reference_url": "https://security.gentoo.org/glsa/201603-15", "reference_id": "GLSA-201603-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-15" }, { "reference_url": "https://usn.ubuntu.com/2914-1/", "reference_id": "USN-2914-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2914-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201281?format=api", "purl": "pkg:deb/debian/openssl@1.0.2g-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2g-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-0705" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p3u3-3gxw-eker" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16832?format=api", "vulnerability_id": "VCID-pfat-4gzk-suht", "summary": "Double Free\nThe function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4450.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4450.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34901", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4450" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:38Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:38Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html" }, { "reference_url": "https://security.gentoo.org/glsa/202402-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:38Z/" } ], "url": "https://security.gentoo.org/glsa/202402-08" }, { "reference_url": "https://www.openssl.org/news/secadv/20230207.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:38Z/" } ], "url": "https://www.openssl.org/news/secadv/20230207.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494", "reference_id": "2164494", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450", "reference_id": "CVE-2022-4450", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0946", "reference_id": "RHSA-2023:0946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1199", "reference_id": "RHSA-2023:1199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1405", "reference_id": "RHSA-2023:1405", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1405" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2165", "reference_id": "RHSA-2023:2165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2932", "reference_id": "RHSA-2023:2932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3408", "reference_id": "RHSA-2023:3408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3420", "reference_id": "RHSA-2023:3420", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3421", "reference_id": "RHSA-2023:3421", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3421" }, { "reference_url": "https://usn.ubuntu.com/5844-1/", "reference_id": "USN-5844-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5844-1/" }, { "reference_url": "https://usn.ubuntu.com/6564-1/", "reference_id": "USN-6564-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6564-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201314?format=api", "purl": "pkg:deb/debian/openssl@1.1.1n-0%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201318?format=api", "purl": "pkg:deb/debian/openssl@3.0.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-4450", "GHSA-v5w6-wcm8-jm4q" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pfat-4gzk-suht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68778?format=api", "vulnerability_id": "VCID-pfmt-5ttf-n7d4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-5298", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14699", "scoring_system": "epss", "scoring_elements": "0.94599", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-5298" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076" }, { "reference_url": "https://security.gentoo.org/glsa/201407-05", "reference_id": "GLSA-201407-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201407-05" }, { "reference_url": "https://usn.ubuntu.com/2192-1/", "reference_id": "USN-2192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2192-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201257?format=api", "purl": "pkg:deb/debian/openssl@1.0.1g-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1g-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-5298" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pfmt-5ttf-n7d4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18405?format=api", "vulnerability_id": "VCID-pr1d-efrx-kbbr", "summary": "POLY1305 MAC implementation corrupts XMM registers on Windows\nIssue summary: The POLY1305 MAC (message authentication code) implementation\ncontains a bug that might corrupt the internal state of applications on the\nWindows 64 platform when running on newer X86_64 processors supporting the\nAVX512-IFMA instructions.\n\nImpact summary: If in an application that uses the OpenSSL library an attacker\ncan influence whether the POLY1305 MAC algorithm is used, the application\nstate might be corrupted with various application dependent consequences.\n\nThe POLY1305 MAC (message authentication code) implementation in OpenSSL does\nnot save the contents of non-volatile XMM registers on Windows 64 platform\nwhen calculating the MAC of data larger than 64 bytes. Before returning to\nthe caller all the XMM registers are set to zero rather than restoring their\nprevious content. The vulnerable code is used only on newer x86_64 processors\nsupporting the AVX512-IFMA instructions.\n\nThe consequences of this kind of internal application state corruption can\nbe various - from no consequences, if the calling application does not\ndepend on the contents of non-volatile XMM registers at all, to the worst\nconsequences, where the attacker could get complete control of the application\nprocess. However given the contents of the registers are just zeroized so\nthe attacker cannot put arbitrary values inside, the most likely consequence,\nif any, would be an incorrect result of some application dependent\ncalculations or a crash leading to a denial of service.\n\nThe POLY1305 MAC algorithm is most frequently used as part of the\nCHACHA20-POLY1305 AEAD (authenticated encryption with associated data)\nalgorithm. The most common usage of this AEAD cipher is with TLS protocol\nversions 1.2 and 1.3 and a malicious client can influence whether this AEAD\ncipher is used by the server. This implies that server applications using\nOpenSSL can be potentially impacted. However we are currently not aware of\nany concrete application that would be affected by this issue therefore we\nconsider this a Low severity security issue.\n\nAs a workaround the AVX512-IFMA instructions support can be disabled at\nruntime by setting the environment variable OPENSSL_ia32cap:\n\n OPENSSL_ia32cap=:~0x200000\n\nThe FIPS provider is not affected by this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4807.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4807.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4807", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71792", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4807" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4bfac4471f53c4f74c8d81020beb938f92d84ca5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4bfac4471f53c4f74c8d81020beb938f92d84ca5" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6754de4a121ec7f261b16723180df6592cbb4508", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6754de4a121ec7f261b16723180df6592cbb4508" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a632d534c73eeb3e3db8c7540d811194ef7c79ff", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a632d534c73eeb3e3db8c7540d811194ef7c79ff" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230921-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20230921-0001/" }, { "reference_url": "https://www.openssl.org/news/secadv/20230908.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/" } ], "url": "https://www.openssl.org/news/secadv/20230908.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238009", "reference_id": "2238009", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238009" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4807", "reference_id": "CVE-2023-4807", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4807" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-4807" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pr1d-efrx-kbbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87338?format=api", "vulnerability_id": "VCID-pr3p-ybu9-n3fx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3506", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.51729", "scoring_system": "epss", "scoring_elements": "0.97947", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139" }, { "reference_url": "https://security.gentoo.org/glsa/201412-39", "reference_id": "GLSA-201412-39", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-39" }, { "reference_url": "https://usn.ubuntu.com/2308-1/", "reference_id": "USN-2308-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2308-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201272?format=api", "purl": "pkg:deb/debian/openssl@1.0.1i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3506" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pr3p-ybu9-n3fx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14821?format=api", "vulnerability_id": "VCID-prku-34mb-d3g6", "summary": "Carry Propagation bug\nThere is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4160", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.62047", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4160" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb" }, { "reference_url": "https://www.openssl.org/news/secadv/20220128.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:29:13Z/" } ], "url": "https://www.openssl.org/news/secadv/20220128.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4160", "reference_id": "CVE-2021-4160", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4160" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:29:13Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3bf7b73ea7123045b8f972badc67ed6878e6c37f", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=3bf7b73ea7123045b8f972badc67ed6878e6c37f", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:29:13Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3bf7b73ea7123045b8f972badc67ed6878e6c37f" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:29:13Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6fc1aaaf303185aa5e483e06bdfae16daa9193a7" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:29:13Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201307?format=api", "purl": "pkg:deb/debian/openssl@1.1.1k-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1k-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201306?format=api", "purl": "pkg:deb/debian/openssl@1.1.1m-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1m-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-4160" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-prku-34mb-d3g6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5188?format=api", "vulnerability_id": "VCID-ptm7-pf2v-fqdc", "summary": "denial of service", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4044", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.3328", "scoring_system": "epss", "scoring_elements": "0.96995", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4044" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=758754966791c537ea95241438454aa86f91f256", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=758754966791c537ea95241438454aa86f91f256" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=758754966791c537ea95241438454aa86f91f256", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=758754966791c537ea95241438454aa86f91f256" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2021-0129.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2021-0129.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211229-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20211229-0003" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211229-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20211229-0003/" }, { "reference_url": "https://www.openssl.org/news/secadv/20211214.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.openssl.org/news/secadv/20211214.txt" }, { "reference_url": "https://security.archlinux.org/AVG-2641", "reference_id": "AVG-2641", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2641" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4044", "reference_id": "CVE-2021-4044", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4044" }, { "reference_url": "https://github.com/advisories/GHSA-mmjf-f5jw-w72q", "reference_id": "GHSA-mmjf-f5jw-w72q", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mmjf-f5jw-w72q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-4044", "GHSA-mmjf-f5jw-w72q" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ptm7-pf2v-fqdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/315013?format=api", "vulnerability_id": "VCID-pxab-d41r-m3c2", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69419.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69419.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-69419", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29965", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-69419" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://openssl-library.org/news/secadv/20260127.txt", "reference_id": "20260127.txt", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T15:09:04Z/" } ], "url": "https://openssl-library.org/news/secadv/20260127.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "reference_id": "2430386", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430386" }, { "reference_url": "https://github.com/openssl/openssl/commit/41be0f216404f14457bbf3b9cc488dba60b49296", "reference_id": "41be0f216404f14457bbf3b9cc488dba60b49296", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T15:09:04Z/" } ], "url": "https://github.com/openssl/openssl/commit/41be0f216404f14457bbf3b9cc488dba60b49296" }, { "reference_url": "https://github.com/openssl/openssl/commit/7e9cac9832e4705b91987c2474ed06a37a93cecb", "reference_id": "7e9cac9832e4705b91987c2474ed06a37a93cecb", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T15:09:04Z/" } ], "url": "https://github.com/openssl/openssl/commit/7e9cac9832e4705b91987c2474ed06a37a93cecb" }, { "reference_url": "https://github.com/openssl/openssl/commit/a26a90d38edec3748566129d824e664b54bee2e2", "reference_id": "a26a90d38edec3748566129d824e664b54bee2e2", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T15:09:04Z/" } ], "url": "https://github.com/openssl/openssl/commit/a26a90d38edec3748566129d824e664b54bee2e2" }, { "reference_url": "https://github.com/openssl/openssl/commit/cda12de3bc0e333ea8d2c6fd15001dbdaf280015", "reference_id": "cda12de3bc0e333ea8d2c6fd15001dbdaf280015", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T15:09:04Z/" } ], "url": "https://github.com/openssl/openssl/commit/cda12de3bc0e333ea8d2c6fd15001dbdaf280015" }, { "reference_url": "https://github.com/openssl/openssl/commit/ff628933755075446bca8307e8417c14d164b535", "reference_id": "ff628933755075446bca8307e8417c14d164b535", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T15:09:04Z/" } ], "url": "https://github.com/openssl/openssl/commit/ff628933755075446bca8307e8417c14d164b535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1472", "reference_id": "RHSA-2026:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1473", "reference_id": "RHSA-2026:1473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14773", "reference_id": "RHSA-2026:14773", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14773" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1496", "reference_id": "RHSA-2026:1496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1503", "reference_id": "RHSA-2026:1503", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1503" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15087", "reference_id": "RHSA-2026:15087", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15087" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1519", "reference_id": "RHSA-2026:1519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1594", "reference_id": "RHSA-2026:1594", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1594" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1733", "reference_id": "RHSA-2026:1733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1736", "reference_id": "RHSA-2026:1736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19187", "reference_id": "RHSA-2026:19187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2485", "reference_id": "RHSA-2026:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2563", "reference_id": "RHSA-2026:2563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2994", "reference_id": "RHSA-2026:2994", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2994" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2995", "reference_id": "RHSA-2026:2995", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2995" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3042", "reference_id": "RHSA-2026:3042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3228", "reference_id": "RHSA-2026:3228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3364", "reference_id": "RHSA-2026:3364", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3364" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3437", "reference_id": "RHSA-2026:3437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3861", "reference_id": "RHSA-2026:3861", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4163", "reference_id": "RHSA-2026:4163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4214", "reference_id": "RHSA-2026:4214", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4214" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4472", "reference_id": "RHSA-2026:4472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4824", "reference_id": "RHSA-2026:4824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4825", "reference_id": "RHSA-2026:4825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5214", "reference_id": "RHSA-2026:5214", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5214" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5217", "reference_id": "RHSA-2026:5217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5873", "reference_id": "RHSA-2026:5873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7239", "reference_id": "RHSA-2026:7239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/7980-1/", "reference_id": "USN-7980-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7980-1/" }, { "reference_url": "https://usn.ubuntu.com/7980-2/", "reference_id": "USN-7980-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7980-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201344?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201341?format=api", "purl": "pkg:deb/debian/openssl@3.0.18-1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201340?format=api", "purl": "pkg:deb/debian/openssl@3.5.4-1~deb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1~deb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201339?format=api", "purl": "pkg:deb/debian/openssl@3.5.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-69419" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pxab-d41r-m3c2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/322132?format=api", "vulnerability_id": "VCID-pxaj-7epr-pqbs", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22795.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22795.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-22795", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15383", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-22795" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://openssl-library.org/news/secadv/20260127.txt", "reference_id": "20260127.txt", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T20:03:18Z/" } ], "url": "https://openssl-library.org/news/secadv/20260127.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "reference_id": "2430389", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430389" }, { "reference_url": "https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4", "reference_id": "2502e7b7d4c0cf4f972a881641fe09edc67aeec4", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T20:03:18Z/" } ], "url": "https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4" }, { "reference_url": "https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49", "reference_id": "572844beca95068394c916626a6d3a490f831a49", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T20:03:18Z/" } ], "url": "https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49" }, { "reference_url": "https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12", "reference_id": "7bbca05be55b129651d9df4bdb92becc45002c12", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T20:03:18Z/" } ], "url": "https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12" }, { "reference_url": "https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e", "reference_id": "eeee3cbd4d682095ed431052f00403004596373e", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T20:03:18Z/" } ], "url": "https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e" }, { "reference_url": "https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2", "reference_id": "ef2fb66ec571564d64d1c74a12e388a2a54d05d2", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T20:03:18Z/" } ], "url": "https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1472", "reference_id": "RHSA-2026:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1473", "reference_id": "RHSA-2026:1473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1736", "reference_id": "RHSA-2026:1736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2485", "reference_id": "RHSA-2026:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2563", "reference_id": "RHSA-2026:2563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3228", "reference_id": "RHSA-2026:3228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/7980-1/", "reference_id": "USN-7980-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7980-1/" }, { "reference_url": "https://usn.ubuntu.com/7980-2/", "reference_id": "USN-7980-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7980-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201344?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201341?format=api", "purl": "pkg:deb/debian/openssl@3.0.18-1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201340?format=api", "purl": "pkg:deb/debian/openssl@3.5.4-1~deb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1~deb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201339?format=api", "purl": "pkg:deb/debian/openssl@3.5.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-22795" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pxaj-7epr-pqbs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87375?format=api", "vulnerability_id": "VCID-q2c9-7wuh-wqgm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3567", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24268", "scoring_system": "epss", "scoring_elements": "0.96187", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568" }, { "reference_url": "https://security.gentoo.org/glsa/201412-39", "reference_id": "GLSA-201412-39", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-39" }, { "reference_url": "https://usn.ubuntu.com/2385-1/", "reference_id": "USN-2385-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2385-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201273?format=api", "purl": "pkg:deb/debian/openssl@1.0.1j-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1j-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3567" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q2c9-7wuh-wqgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/325436?format=api", "vulnerability_id": "VCID-q64m-j51z-6fhu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28388.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28388.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28388", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.14142", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28388" }, { "reference_url": "https://openssl-library.org/news/secadv/20260407.txt", "reference_id": "20260407.txt", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/" } ], "url": "https://openssl-library.org/news/secadv/20260407.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451097", "reference_id": "2451097", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451097" }, { "reference_url": "https://github.com/openssl/openssl/commit/59c3b3158553ab53275bbbccca5cb305d591cf2e", "reference_id": "59c3b3158553ab53275bbbccca5cb305d591cf2e", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/" } ], "url": "https://github.com/openssl/openssl/commit/59c3b3158553ab53275bbbccca5cb305d591cf2e" }, { "reference_url": "https://github.com/openssl/openssl/commit/5a0b4930779cd2408880979db765db919da55139", "reference_id": "5a0b4930779cd2408880979db765db919da55139", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/" } ], "url": "https://github.com/openssl/openssl/commit/5a0b4930779cd2408880979db765db919da55139" }, { "reference_url": "https://github.com/openssl/openssl/commit/602542f2c0c2d5edb47128f93eac10b62aeeefb3", "reference_id": "602542f2c0c2d5edb47128f93eac10b62aeeefb3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/" } ], "url": "https://github.com/openssl/openssl/commit/602542f2c0c2d5edb47128f93eac10b62aeeefb3" }, { "reference_url": "https://github.com/openssl/openssl/commit/a9d187dd1000130100fa7ab915f8513532cb3bb8", "reference_id": "a9d187dd1000130100fa7ab915f8513532cb3bb8", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/" } ], "url": "https://github.com/openssl/openssl/commit/a9d187dd1000130100fa7ab915f8513532cb3bb8" }, { "reference_url": "https://github.com/openssl/openssl/commit/d3a901e8d9f021f3e67d6cfbc12e768129862726", "reference_id": "d3a901e8d9f021f3e67d6cfbc12e768129862726", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/" } ], "url": "https://github.com/openssl/openssl/commit/d3a901e8d9f021f3e67d6cfbc12e768129862726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/8155-1/", "reference_id": "USN-8155-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8155-1/" }, { "reference_url": "https://usn.ubuntu.com/8155-2/", "reference_id": "USN-8155-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8155-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201350?format=api", "purl": "pkg:deb/debian/openssl@3.0.19-1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.19-1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201349?format=api", "purl": "pkg:deb/debian/openssl@3.5.5-1~deb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-28388" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q64m-j51z-6fhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/327587?format=api", "vulnerability_id": "VCID-q6ke-1n27-53f1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31789.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31789.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-31789", "reference_id": "", "reference_type": "", "scores": [ { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00671", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-31789" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://openssl-library.org/news/secadv/20260407.txt", "reference_id": "20260407.txt", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/" } ], "url": "https://openssl-library.org/news/secadv/20260407.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451095", "reference_id": "2451095", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451095" }, { "reference_url": "https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde", "reference_id": "364f095b80601db632b0def6a33316967f863bde", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/" } ], "url": "https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde" }, { "reference_url": "https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf", "reference_id": "7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/" } ], "url": "https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf" }, { "reference_url": "https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49", "reference_id": "945b935ac66cc7f1a41f1b849c7c25adb5351f49", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/" } ], "url": "https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49" }, { "reference_url": "https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9", "reference_id": "a24216018e1ede8ff01a4ff5afff7dfbd443e2f9", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/" } ], "url": "https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9" }, { "reference_url": "https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521", "reference_id": "a91e537d16d74050dbde50bb0dfb1fe9930f0521", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/" } ], "url": "https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/8155-1/", "reference_id": "USN-8155-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8155-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201350?format=api", "purl": "pkg:deb/debian/openssl@3.0.19-1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.19-1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201349?format=api", "purl": "pkg:deb/debian/openssl@3.5.5-1~deb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-31789" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q6ke-1n27-53f1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88601?format=api", "vulnerability_id": "VCID-q6mc-jrva-5bau", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5139", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.34029", "scoring_system": "epss", "scoring_elements": "0.97053", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139" }, { "reference_url": "https://security.gentoo.org/glsa/201412-39", "reference_id": "GLSA-201412-39", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-39" }, { "reference_url": "https://usn.ubuntu.com/2308-1/", "reference_id": "USN-2308-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2308-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201272?format=api", "purl": "pkg:deb/debian/openssl@1.0.1i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-5139" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q6mc-jrva-5bau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94163?format=api", "vulnerability_id": "VCID-q8p7-pnwj-gbgk", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1787", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.26918", "scoring_system": "epss", "scoring_elements": "0.96453", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1787" }, { "reference_url": "https://security.gentoo.org/glsa/201503-11", "reference_id": "GLSA-201503-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-11" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-1787" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q8p7-pnwj-gbgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15278?format=api", "vulnerability_id": "VCID-qaht-xst5-pyh3", "summary": "Loop with Unreachable Exit Condition ('Infinite Loop')\nThe BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters", "references": [ { "reference_url": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0778", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06863", "scoring_system": "epss", "scoring_elements": "0.91508", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0778" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/May/33", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/May/33" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/May/35", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/May/38", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/May/38" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3118eb64934499d93db3230748a452351d1d9a65", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3118eb64934499d93db3230748a452351d1d9a65" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=380085481c64de749a6dd25cdf0bcf4360b30f83", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=380085481c64de749a6dd25cdf0bcf4360b30f83" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a466912611aa6cbdf550cd10601390e587451246", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a466912611aa6cbdf550cd10601390e587451246" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html" }, { "reference_url": "https://security.gentoo.org/glsa/202210-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://security.gentoo.org/glsa/202210-02" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220321-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220321-0002" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220321-0002/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220321-0002/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220429-0005", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220429-0005" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006" }, { "reference_url": "https://support.apple.com/kb/HT213255", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://support.apple.com/kb/HT213255" }, { "reference_url": "https://support.apple.com/kb/HT213256", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://support.apple.com/kb/HT213256" }, { "reference_url": "https://support.apple.com/kb/HT213257", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://support.apple.com/kb/HT213257" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5103", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5103" }, { "reference_url": "https://www.openssl.org/news/secadv/20220315.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://www.openssl.org/news/secadv/20220315.txt" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://www.tenable.com/security/tns-2022-06", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://www.tenable.com/security/tns-2022-06" }, { "reference_url": "https://www.tenable.com/security/tns-2022-07", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://www.tenable.com/security/tns-2022-07" }, { "reference_url": "https://www.tenable.com/security/tns-2022-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://www.tenable.com/security/tns-2022-08" }, { "reference_url": "https://www.tenable.com/security/tns-2022-09", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://www.tenable.com/security/tns-2022-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/", "reference_id": "323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", "reference_id": "CVE-2022-0778", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/", "reference_id": "GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/" }, { "reference_url": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", "reference_id": "GHSA-x3mh-jvjw-3xwx", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx" }, { "reference_url": "https://security.gentoo.org/glsa/202405-29", "reference_id": "GLSA-202405-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-29" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220429-0005/", "reference_id": "ntap-20220429-0005", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220429-0005/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://usn.ubuntu.com/5328-1/", "reference_id": "USN-5328-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5328-1/" }, { "reference_url": "https://usn.ubuntu.com/5328-2/", "reference_id": "USN-5328-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5328-2/" }, { "reference_url": "https://usn.ubuntu.com/6457-1/", "reference_id": "USN-6457-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6457-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/", "reference_id": "W6K3PR542DXWLEFFMFIDMME4CWMHJRMG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-22T13:27:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201307?format=api", "purl": "pkg:deb/debian/openssl@1.1.1k-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1k-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201308?format=api", "purl": "pkg:deb/debian/openssl@1.1.1n-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-0778", "GHSA-x3mh-jvjw-3xwx" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qaht-xst5-pyh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3961?format=api", "vulnerability_id": "VCID-qf59-hskb-f7ek", "summary": "denial of service", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1971", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57582", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1971" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/09/14/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T15:40:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2021/09/14/2" }, { "reference_url": "https://www.openssl.org/news/secadv/20201208.txt", "reference_id": "20201208.txt", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T15:40:23Z/" } ], "url": "https://www.openssl.org/news/secadv/20201208.txt" }, { "reference_url": "https://security.archlinux.org/ASA-202012-24", "reference_id": "ASA-202012-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202012-24" }, { "reference_url": "https://security.archlinux.org/AVG-1335", "reference_id": "AVG-1335", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1335" }, { "reference_url": "https://security.archlinux.org/AVG-1404", "reference_id": "AVG-1404", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1404" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1971", "reference_id": "CVE-2020-1971", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1971" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/", "reference_id": "DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T15:40:23Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4807", "reference_id": "dsa-4807", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T15:40:23Z/" } ], "url": "https://www.debian.org/security/2020/dsa-4807" }, { "reference_url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc", "reference_id": "FreeBSD-SA-20:33.openssl.asc", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T15:40:23Z/" } ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc" }, { "reference_url": "https://security.gentoo.org/glsa/202012-13", "reference_id": "GLSA-202012-13", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T15:40:23Z/" } ], "url": "https://security.gentoo.org/glsa/202012-13" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html", "reference_id": "msg00020.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T15:40:23Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html", "reference_id": "msg00021.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T15:40:23Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20201218-0005/", "reference_id": "ntap-20201218-0005", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T15:40:23Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20201218-0005/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210513-0002/", "reference_id": "ntap-20210513-0002", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T15:40:23Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210513-0002/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T15:40:23Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T15:40:23Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=f960d81215ebf3f65e03d4d5d857fb9b666d6920", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=f960d81215ebf3f65e03d4d5d857fb9b666d6920", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T15:40:23Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=f960d81215ebf3f65e03d4d5d857fb9b666d6920" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/", "reference_id": "PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T15:40:23Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/" }, { "reference_url": "https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c%40%3Cdev.tomcat.apache.org%3E", "reference_id": "r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c%40%3Cdev.tomcat.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T15:40:23Z/" } ], "url": "https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143%40%3Ccommits.pulsar.apache.org%3E", "reference_id": "rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143%40%3Ccommits.pulsar.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T15:40:23Z/" } ], "url": "https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143%40%3Ccommits.pulsar.apache.org%3E" }, { "reference_url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676", "reference_id": "SA44676", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T15:40:23Z/" } ], "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676" }, { "reference_url": "https://usn.ubuntu.com/4662-1/", "reference_id": "USN-4662-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4662-1/" }, { "reference_url": "https://usn.ubuntu.com/4745-1/", "reference_id": "USN-4745-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4745-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201300?format=api", "purl": "pkg:deb/debian/openssl@1.1.1i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-1971" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qf59-hskb-f7ek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92681?format=api", "vulnerability_id": "VCID-qh26-c47m-gyex", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0289", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05787", "scoring_system": "epss", "scoring_elements": "0.90632", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0292", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0292" }, { "reference_url": "https://security.gentoo.org/glsa/201503-11", "reference_id": "GLSA-201503-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-11" }, { "reference_url": "https://usn.ubuntu.com/2537-1/", "reference_id": "USN-2537-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2537-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201275?format=api", "purl": "pkg:deb/debian/openssl@1.0.1k-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1k-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-0289" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qh26-c47m-gyex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83718?format=api", "vulnerability_id": "VCID-qk3g-38ax-rbf3", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19665", "scoring_system": "epss", "scoring_elements": "0.9553", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6450" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450" }, { "reference_url": "https://security.gentoo.org/glsa/201412-39", "reference_id": "GLSA-201412-39", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-39" }, { "reference_url": "https://usn.ubuntu.com/2079-1/", "reference_id": "USN-2079-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2079-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201267?format=api", "purl": "pkg:deb/debian/openssl@1.0.1e-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1e-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-6450" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qk3g-38ax-rbf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58960?format=api", "vulnerability_id": "VCID-qqx3-1gtv-9yed", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-7270", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01279", "scoring_system": "epss", "scoring_elements": "0.79888", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-7270" }, { "reference_url": "https://usn.ubuntu.com/1029-1/", "reference_id": "USN-1029-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1029-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201244?format=api", "purl": "pkg:deb/debian/openssl@0.9.8k-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8k-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2008-7270" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qqx3-1gtv-9yed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84548?format=api", "vulnerability_id": "VCID-qs1k-st1a-hyhx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0198", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.32978", "scoring_system": "epss", "scoring_elements": "0.96976", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0198" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747432", "reference_id": "747432", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747432" }, { "reference_url": "https://security.gentoo.org/glsa/201407-05", "reference_id": "GLSA-201407-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201407-05" }, { "reference_url": "https://usn.ubuntu.com/2192-1/", "reference_id": "USN-2192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2192-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201271?format=api", "purl": "pkg:deb/debian/openssl@1.0.1g-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1g-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-0198" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qs1k-st1a-hyhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276938?format=api", "vulnerability_id": "VCID-qu76-y4du-ybc1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9143.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9143.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9143", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.7612", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9143" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085378", "reference_id": "1085378", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085378" }, { "reference_url": "https://openssl-library.org/news/secadv/20241016.txt", "reference_id": "20241016.txt", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/" } ], "url": "https://openssl-library.org/news/secadv/20241016.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2319236", "reference_id": "2319236", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2319236" }, { "reference_url": "https://github.com/openssl/openssl/commit/72ae83ad214d2eef262461365a1975707f862712", "reference_id": "72ae83ad214d2eef262461365a1975707f862712", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/" } ], "url": "https://github.com/openssl/openssl/commit/72ae83ad214d2eef262461365a1975707f862712" }, { "reference_url": "https://github.openssl.org/openssl/extended-releases/commit/8efc0cbaa8ebba8e116f7b81a876a4123594d86a", "reference_id": "8efc0cbaa8ebba8e116f7b81a876a4123594d86a", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/" } ], "url": "https://github.openssl.org/openssl/extended-releases/commit/8efc0cbaa8ebba8e116f7b81a876a4123594d86a" }, { "reference_url": "https://github.openssl.org/openssl/extended-releases/commit/9d576994cec2b7aa37a91740ea7e680810957e41", "reference_id": "9d576994cec2b7aa37a91740ea7e680810957e41", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/" } ], "url": "https://github.openssl.org/openssl/extended-releases/commit/9d576994cec2b7aa37a91740ea7e680810957e41" }, { "reference_url": "https://github.com/openssl/openssl/commit/bc7e04d7c8d509fb78fc0e285aa948fb0da04700", "reference_id": "bc7e04d7c8d509fb78fc0e285aa948fb0da04700", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/" } ], "url": "https://github.com/openssl/openssl/commit/bc7e04d7c8d509fb78fc0e285aa948fb0da04700" }, { "reference_url": "https://github.com/openssl/openssl/commit/c0d3e4d32d2805f49bec30547f225bc4d092e1f4", "reference_id": "c0d3e4d32d2805f49bec30547f225bc4d092e1f4", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/" } ], "url": "https://github.com/openssl/openssl/commit/c0d3e4d32d2805f49bec30547f225bc4d092e1f4" }, { "reference_url": "https://github.com/openssl/openssl/commit/fdf6723362ca51bd883295efe206cb5b1cfa5154", "reference_id": "fdf6723362ca51bd883295efe206cb5b1cfa5154", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/" } ], "url": "https://github.com/openssl/openssl/commit/fdf6723362ca51bd883295efe206cb5b1cfa5154" }, { "reference_url": "https://usn.ubuntu.com/7264-1/", "reference_id": "USN-7264-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7264-1/" }, { "reference_url": "https://usn.ubuntu.com/7278-1/", "reference_id": "USN-7278-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7278-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201327?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201335?format=api", "purl": "pkg:deb/debian/openssl@3.0.15-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.15-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201338?format=api", "purl": "pkg:deb/debian/openssl@3.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.3.2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-9143" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qu76-y4du-ybc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6329?format=api", "vulnerability_id": "VCID-qxfc-pcsg-wfb5", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3732", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05182", "scoring_system": "epss", "scoring_elements": "0.90058", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3732" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201701-36", "reference_id": "ASA-201701-36", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-36" }, { "reference_url": "https://security.archlinux.org/ASA-201701-37", "reference_id": "ASA-201701-37", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-37" }, { "reference_url": "https://security.archlinux.org/AVG-154", "reference_id": "AVG-154", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-154" }, { "reference_url": "https://security.archlinux.org/AVG-155", "reference_id": "AVG-155", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-155" }, { "reference_url": "https://security.gentoo.org/glsa/201702-07", "reference_id": "GLSA-201702-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-07" }, { "reference_url": "https://security.gentoo.org/glsa/201802-04", "reference_id": "GLSA-201802-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-04" }, { "reference_url": "https://usn.ubuntu.com/3181-1/", "reference_id": "USN-3181-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3181-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201288?format=api", "purl": "pkg:deb/debian/openssl@1.1.0d-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0d-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-3732" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qxfc-pcsg-wfb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/204105?format=api", "vulnerability_id": "VCID-r7h3-uf1u-dkfp", "summary": "", "references": [ { "reference_url": "http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3786.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3786.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3786", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.27298", "scoring_system": "epss", "scoring_elements": "0.9649", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3786" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/alexcrichton/openssl-src-rs", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/alexcrichton/openssl-src-rs" }, { "reference_url": "https://github.com/alexcrichton/openssl-src-rs/commit/4a31c14f31e1a08c18893a37e304dd1dd4b7daa3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/alexcrichton/openssl-src-rs/commit/4a31c14f31e1a08c18893a37e304dd1dd4b7daa3" }, { "reference_url": "https://github.com/openssl/openssl/commit/fe3b639dc19b325846f4f6801f2f4604f56e3de3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openssl/openssl/commit/fe3b639dc19b325846f4f6801f2f4604f56e3de3" }, { "reference_url": "https://github.com/rustsec/advisory-db/pull/1452", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rustsec/advisory-db/pull/1452" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=c42165b5706e42f67ef8ef4c351a9a4c5d21639a", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=c42165b5706e42f67ef8ef4c351a9a4c5d21639a" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:54Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2022-0065.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2022-0065.html" }, { "reference_url": "https://security.gentoo.org/glsa/202211-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202211-01" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221102-0001", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20221102-0001" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221102-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20221102-0001/" }, { "reference_url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a" }, { "reference_url": "https://www.kb.cert.org/vuls/id/794340", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.kb.cert.org/vuls/id/794340" }, { "reference_url": "https://www.openssl.org/news/secadv/20221101.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:54Z/" } ], "url": "https://www.openssl.org/news/secadv/20221101.txt" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/01/15", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/15" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/01/16", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/16" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/01/17", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/17" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/01/18", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/18" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/01/19", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/19" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/01/20", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/20" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/01/21", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/21" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/01/24", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/24" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/10", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/10" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/11" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/12", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/12" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/13", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/13" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/14", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/14" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/15", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/15" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/7" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/02/9", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/9" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/03/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/03/10", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/10" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/03/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/11" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/03/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/03/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/03/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/03/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/03/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/7" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/03/9", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/9" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139104", "reference_id": "2139104", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139104" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3786", "reference_id": "CVE-2022-3786", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3786" }, { "reference_url": "https://github.com/advisories/GHSA-h8jm-2x53-xhp5", "reference_id": "GHSA-h8jm-2x53-xhp5", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h8jm-2x53-xhp5" }, { "reference_url": "https://security.gentoo.org/glsa/202405-29", "reference_id": "GLSA-202405-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7288", "reference_id": "RHSA-2022:7288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7384", "reference_id": "RHSA-2022:7384", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7384" }, { "reference_url": "https://usn.ubuntu.com/5710-1/", "reference_id": "USN-5710-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5710-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201316?format=api", "purl": "pkg:deb/debian/openssl@3.0.7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-3786", "GHSA-h8jm-2x53-xhp5" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r7h3-uf1u-dkfp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102967?format=api", "vulnerability_id": "VCID-r8gc-8nay-47fj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2105", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.42471", "scoring_system": "epss", "scoring_elements": "0.97522", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2105" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:N/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201612-16", "reference_id": "GLSA-201612-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-16" }, { "reference_url": "https://usn.ubuntu.com/2959-1/", "reference_id": "USN-2959-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2959-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201282?format=api", "purl": "pkg:deb/debian/openssl@1.0.2h-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2h-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2105" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r8gc-8nay-47fj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31538?format=api", "vulnerability_id": "VCID-r9xy-48qa-4fhc", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0081", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02393", "scoring_system": "epss", "scoring_elements": "0.85293", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0081" }, { "reference_url": "https://security.gentoo.org/glsa/200403-03", "reference_id": "GLSA-200403-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200403-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201230?format=api", "purl": "pkg:deb/debian/openssl@0.9.6d-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.6d-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-0081" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r9xy-48qa-4fhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143299?format=api", "vulnerability_id": "VCID-rdyk-rtmp-j7bf", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1563", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78558", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1563" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201911-04", "reference_id": "GLSA-201911-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201911-04" }, { "reference_url": "https://usn.ubuntu.com/4376-1/", "reference_id": "USN-4376-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4376-1/" }, { "reference_url": "https://usn.ubuntu.com/4376-2/", "reference_id": "USN-4376-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4376-2/" }, { "reference_url": "https://usn.ubuntu.com/4504-1/", "reference_id": "USN-4504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4504-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201297?format=api", "purl": "pkg:deb/debian/openssl@1.1.1d-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1d-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-1563" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rdyk-rtmp-j7bf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68830?format=api", "vulnerability_id": "VCID-rj5m-rjcn-7qde", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0014", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01196", "scoring_system": "epss", "scoring_elements": "0.79191", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0014" }, { "reference_url": "https://security.gentoo.org/glsa/201110-01", "reference_id": "GLSA-201110-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-01" }, { "reference_url": "https://usn.ubuntu.com/1064-1/", "reference_id": "USN-1064-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1064-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201258?format=api", "purl": "pkg:deb/debian/openssl@0.9.8o-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8o-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-0014" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rj5m-rjcn-7qde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/313213?format=api", "vulnerability_id": "VCID-rkwm-zkyy-bbfu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66199.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66199.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-66199", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29792", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-66199" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://openssl-library.org/news/secadv/20260127.txt", "reference_id": "20260127.txt", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:03:12Z/" } ], "url": "https://openssl-library.org/news/secadv/20260127.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "reference_id": "2430379", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430379" }, { "reference_url": "https://github.com/openssl/openssl/commit/3ed1f75249932b155eef993a8e66a99cb98bfef4", "reference_id": "3ed1f75249932b155eef993a8e66a99cb98bfef4", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:03:12Z/" } ], "url": "https://github.com/openssl/openssl/commit/3ed1f75249932b155eef993a8e66a99cb98bfef4" }, { "reference_url": "https://github.com/openssl/openssl/commit/6184a4fb08ee6d7bca570d931a4e8bef40b64451", "reference_id": "6184a4fb08ee6d7bca570d931a4e8bef40b64451", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:03:12Z/" } ], "url": "https://github.com/openssl/openssl/commit/6184a4fb08ee6d7bca570d931a4e8bef40b64451" }, { "reference_url": "https://github.com/openssl/openssl/commit/895150b5e021d16b52fb32b97e1dd12f20448be5", "reference_id": "895150b5e021d16b52fb32b97e1dd12f20448be5", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:03:12Z/" } ], "url": "https://github.com/openssl/openssl/commit/895150b5e021d16b52fb32b97e1dd12f20448be5" }, { "reference_url": "https://github.com/openssl/openssl/commit/966a2478046c311ed7dae50c457d0db4cafbf7e4", "reference_id": "966a2478046c311ed7dae50c457d0db4cafbf7e4", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:03:12Z/" } ], "url": "https://github.com/openssl/openssl/commit/966a2478046c311ed7dae50c457d0db4cafbf7e4" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1472", "reference_id": "RHSA-2026:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1473", "reference_id": "RHSA-2026:1473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1736", "reference_id": "RHSA-2026:1736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2485", "reference_id": "RHSA-2026:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2563", "reference_id": "RHSA-2026:2563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3228", "reference_id": "RHSA-2026:3228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/7980-1/", "reference_id": "USN-7980-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7980-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201340?format=api", "purl": "pkg:deb/debian/openssl@3.5.4-1~deb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1~deb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201339?format=api", "purl": "pkg:deb/debian/openssl@3.5.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-66199" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rkwm-zkyy-bbfu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100765?format=api", "vulnerability_id": "VCID-rnqe-tygu-gbhd", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0701", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.27483", "scoring_system": "epss", "scoring_elements": "0.96507", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0701" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201601-05", "reference_id": "GLSA-201601-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201601-05" }, { "reference_url": "https://usn.ubuntu.com/2883-1/", "reference_id": "USN-2883-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2883-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201280?format=api", "purl": "pkg:deb/debian/openssl@1.0.2f-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2f-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-0701" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rnqe-tygu-gbhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87341?format=api", "vulnerability_id": "VCID-s8vu-fw3x-byhd", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3509", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12974", "scoring_system": "epss", "scoring_elements": "0.94191", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139" }, { "reference_url": "https://security.gentoo.org/glsa/201412-39", "reference_id": "GLSA-201412-39", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-39" }, { "reference_url": "https://usn.ubuntu.com/2308-1/", "reference_id": "USN-2308-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2308-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201272?format=api", "purl": "pkg:deb/debian/openssl@1.0.1i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3509" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s8vu-fw3x-byhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91115?format=api", "vulnerability_id": "VCID-sc7a-guev-2ua3", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8176", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21559", "scoring_system": "epss", "scoring_elements": "0.95817", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000" }, { "reference_url": "https://security.gentoo.org/glsa/201506-02", "reference_id": "GLSA-201506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201506-02" }, { "reference_url": "https://usn.ubuntu.com/2639-1/", "reference_id": "USN-2639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2639-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201270?format=api", "purl": "pkg:deb/debian/openssl@1.0.1h-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1h-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-8176" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sc7a-guev-2ua3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28262?format=api", "vulnerability_id": "VCID-sfzg-rkvw-8kbs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-0655", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00883", "scoring_system": "epss", "scoring_elements": "0.75746", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-0655" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201224?format=api", "purl": "pkg:deb/debian/openssl@0.9.6e-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.6e-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2002-0655" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sfzg-rkvw-8kbs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107588?format=api", "vulnerability_id": "VCID-sgep-kx4v-t7h8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8610", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.71356", "scoring_system": "epss", "scoring_elements": "0.98744", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8610" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://usn.ubuntu.com/3181-1/", "reference_id": "USN-3181-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3181-1/" }, { "reference_url": "https://usn.ubuntu.com/3183-1/", "reference_id": "USN-3183-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3183-1/" }, { "reference_url": "https://usn.ubuntu.com/3183-2/", "reference_id": "USN-3183-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3183-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201285?format=api", "purl": "pkg:deb/debian/openssl@1.0.2j-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2j-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-8610" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sgep-kx4v-t7h8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102970?format=api", "vulnerability_id": "VCID-snv9-fg5j-13ge", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2108", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.36957", "scoring_system": "epss", "scoring_elements": "0.97232", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2108" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:C/I:C/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201612-16", "reference_id": "GLSA-201612-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-16" }, { "reference_url": "https://usn.ubuntu.com/2959-1/", "reference_id": "USN-2959-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2959-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201283?format=api", "purl": "pkg:deb/debian/openssl@1.0.2c-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2c-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2108" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-snv9-fg5j-13ge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100814?format=api", "vulnerability_id": "VCID-spaw-k5ca-9fdx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0797", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.34192", "scoring_system": "epss", "scoring_elements": "0.97061", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2842" }, { "reference_url": "https://security.gentoo.org/glsa/201603-15", "reference_id": "GLSA-201603-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-15" }, { "reference_url": "https://usn.ubuntu.com/2914-1/", "reference_id": "USN-2914-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2914-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201281?format=api", "purl": "pkg:deb/debian/openssl@1.0.2g-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2g-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-0797" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-spaw-k5ca-9fdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63070?format=api", "vulnerability_id": "VCID-t677-61e8-t3hb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4355", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20241", "scoring_system": "epss", "scoring_elements": "0.95617", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4355" }, { "reference_url": "https://security.gentoo.org/glsa/201110-01", "reference_id": "GLSA-201110-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-01" }, { "reference_url": "https://usn.ubuntu.com/884-1/", "reference_id": "USN-884-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/884-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201251?format=api", "purl": "pkg:deb/debian/openssl@0.9.8k-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8k-8%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-4355" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t677-61e8-t3hb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5007?format=api", "vulnerability_id": "VCID-t8f6-edkm-mkbx", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2177", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24015", "scoring_system": "epss", "scoring_elements": "0.96134", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2177" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" }, { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" }, { "reference_url": "https://security.gentoo.org/glsa/201612-16", "reference_id": "GLSA-201612-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-16" }, { "reference_url": "https://usn.ubuntu.com/3087-1/", "reference_id": "USN-3087-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3087-1/" }, { "reference_url": "https://usn.ubuntu.com/3181-1/", "reference_id": "USN-3181-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3181-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201284?format=api", "purl": "pkg:deb/debian/openssl@1.0.2i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2177" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t8f6-edkm-mkbx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18181?format=api", "vulnerability_id": "VCID-t8ve-d7kb-tyar", "summary": "Excessive Iteration\nIssue summary: Checking excessively long DH keys or parameters may be very slow.\n\nImpact summary: Applications that use the functions DH_check(), DH_check_ex()\nor EVP_PKEY_param_check() to check a DH key or DH parameters may experience long\ndelays. Where the key or parameters that are being checked have been obtained\nfrom an untrusted source this may lead to a Denial of Service.\n\nThe function DH_check() performs various checks on DH parameters. After fixing\nCVE-2023-3446 it was discovered that a large q parameter value can also trigger\nan overly long computation during some of these checks. A correct q value,\nif present, cannot be larger than the modulus p parameter, thus it is\nunnecessary to perform these checks if q is larger than p.\n\nAn application that calls DH_check() and supplies a key or parameters obtained\nfrom an untrusted source could be vulnerable to a Denial of Service attack.\n\nThe function DH_check() is itself called by a number of other OpenSSL functions.\nAn application calling any of those other functions may similarly be affected.\nThe other functions affected by this are DH_check_ex() and\nEVP_PKEY_param_check().\n\nAlso vulnerable are the OpenSSL dhparam and pkeyparam command line applications\nwhen using the \"-check\" option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3817.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3817.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3817", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57752", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3817" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/43", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2023/Jul/43" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a1eb62c29db6cb5eec707f9338aee00f44e26f5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:20Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a1eb62c29db6cb5eec707f9338aee00f44e26f5" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=869ad69aadd985c7b8ca6f4e5dd0eb274c9f3644", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:20Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=869ad69aadd985c7b8ca6f4e5dd0eb274c9f3644" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9002fd07327a91f35ba6c1307e71fa6fd4409b7f", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:20Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9002fd07327a91f35ba6c1307e71fa6fd4409b7f" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=91ddeba0f2269b017dc06c46c993a788974b1aa5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:20Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=91ddeba0f2269b017dc06c46c993a788974b1aa5" }, { "reference_url": "https://www.openssl.org/news/secadv/20230731.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:20Z/" } ], "url": "https://www.openssl.org/news/secadv/20230731.txt" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/07/31/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2023/07/31/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227852", "reference_id": "2227852", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227852" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3817", "reference_id": "CVE-2023-3817", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5931", "reference_id": "RHSA-2023:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7622", "reference_id": "RHSA-2023:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7623", "reference_id": "RHSA-2023:7623", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7623" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7625", "reference_id": "RHSA-2023:7625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7626", "reference_id": "RHSA-2023:7626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7877", "reference_id": "RHSA-2023:7877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0154", "reference_id": "RHSA-2024:0154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0208", "reference_id": "RHSA-2024:0208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2447", "reference_id": "RHSA-2024:2447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2447" }, { "reference_url": "https://usn.ubuntu.com/6435-1/", "reference_id": "USN-6435-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6435-1/" }, { "reference_url": "https://usn.ubuntu.com/6435-2/", "reference_id": "USN-6435-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6435-2/" }, { "reference_url": "https://usn.ubuntu.com/6450-1/", "reference_id": "USN-6450-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6450-1/" }, { "reference_url": "https://usn.ubuntu.com/6709-1/", "reference_id": "USN-6709-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6709-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201323?format=api", "purl": "pkg:deb/debian/openssl@1.1.1v-0~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1v-0~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201321?format=api", "purl": "pkg:deb/debian/openssl@3.0.10-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.10-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201322?format=api", "purl": "pkg:deb/debian/openssl@3.0.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.10-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-3817" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t8ve-d7kb-tyar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/203778?format=api", "vulnerability_id": "VCID-tapp-78zt-kkap", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3358", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19455", "scoring_system": "epss", "scoring_elements": "0.95495", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3358" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/alexcrichton/openssl-src-rs", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/alexcrichton/openssl-src-rs" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2022-0059.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2022-0059.html" }, { "reference_url": "https://security.gentoo.org/glsa/202402-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202402-08" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221028-0014", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20221028-0014" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221028-0014/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20221028-0014/" }, { "reference_url": "https://www.openssl.org/news/secadv/20221011.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.openssl.org/news/secadv/20221011.txt" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021620", "reference_id": "1021620", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021620" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3358", "reference_id": "CVE-2022-3358", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3358" }, { "reference_url": "https://github.com/advisories/GHSA-4f63-89w9-3jjv", "reference_id": "GHSA-4f63-89w9-3jjv", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4f63-89w9-3jjv" }, { "reference_url": "https://usn.ubuntu.com/5710-1/", "reference_id": "USN-5710-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5710-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201316?format=api", "purl": "pkg:deb/debian/openssl@3.0.7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-3358", "GHSA-4f63-89w9-3jjv" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tapp-78zt-kkap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87380?format=api", "vulnerability_id": "VCID-tjrf-2wtp-6ya5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3572", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08845", "scoring_system": "epss", "scoring_elements": "0.9267", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3572" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206" }, { "reference_url": "https://usn.ubuntu.com/2459-1/", "reference_id": "USN-2459-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2459-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201274?format=api", "purl": "pkg:deb/debian/openssl@1.0.1k-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1k-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3572" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tjrf-2wtp-6ya5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92685?format=api", "vulnerability_id": "VCID-tm1v-g8un-9fg5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0293", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06036", "scoring_system": "epss", "scoring_elements": "0.90867", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0293" }, { "reference_url": "https://security.gentoo.org/glsa/201503-11", "reference_id": "GLSA-201503-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-11" }, { "reference_url": "https://usn.ubuntu.com/2537-1/", "reference_id": "USN-2537-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2537-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201276?format=api", "purl": "pkg:deb/debian/openssl@1.0.0c-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0c-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-0293" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tm1v-g8un-9fg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92629?format=api", "vulnerability_id": "VCID-tug1-jb6c-nbae", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0205", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12252", "scoring_system": "epss", "scoring_elements": "0.9397", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206" }, { "reference_url": "https://usn.ubuntu.com/2459-1/", "reference_id": "USN-2459-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2459-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201274?format=api", "purl": "pkg:deb/debian/openssl@1.0.1k-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1k-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-0205" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tug1-jb6c-nbae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/244142?format=api", "vulnerability_id": "VCID-tvez-6u12-pydz", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-13176.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-13176.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-13176", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22746", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-13176" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", "reference_id": "07272b05b04836a762b4baa874958af51d513844", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/" } ], "url": "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844" }, { "reference_url": "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", "reference_id": "0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/" } ], "url": "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094027", "reference_id": "1094027", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094027" }, { "reference_url": "https://openssl-library.org/news/secadv/20250120.txt", "reference_id": "20250120.txt", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/" } ], "url": "https://openssl-library.org/news/secadv/20250120.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2338999", "reference_id": "2338999", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2338999" }, { "reference_url": "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", "reference_id": "2af62e74fb59bc469506bc37eb2990ea408d9467", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/" } ], "url": "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467" }, { "reference_url": "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", "reference_id": "392dcb336405a0c94486aa6655057f59fd3a0902", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/" } ], "url": "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902" }, { "reference_url": "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", "reference_id": "4b1cb94a734a7d4ec363ac0a215a25c181e11f65", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/" } ], "url": "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65" }, { "reference_url": "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", "reference_id": "77c608f4c8857e63e98e66444e2e761c9627916f", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/" } ], "url": "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f" }, { "reference_url": "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", "reference_id": "a2639000db19878d5d89586ae7b725080592ae86", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/" } ], "url": "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86" }, { "reference_url": "https://usn.ubuntu.com/7264-1/", "reference_id": "USN-7264-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7264-1/" }, { "reference_url": "https://usn.ubuntu.com/7278-1/", "reference_id": "USN-7278-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7278-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201332?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201331?format=api", "purl": "pkg:deb/debian/openssl@3.0.16-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.16-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201330?format=api", "purl": "pkg:deb/debian/openssl@3.4.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.4.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-13176" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tvez-6u12-pydz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5043?format=api", "vulnerability_id": "VCID-u3ks-ncv4-33f5", "summary": "incorrect calculation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5363.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5363.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5363", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06469", "scoring_system": "epss", "scoring_elements": "0.91224", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5363" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0df40630850fb2740e6be6890bb905d3fc623b2d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:15:36Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0df40630850fb2740e6be6890bb905d3fc623b2d" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5f69f5c65e483928c4b28ed16af6e5742929f1ee", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:15:36Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5f69f5c65e483928c4b28ed16af6e5742929f1ee" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231027-0010/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20231027-0010/" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5532", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2023/dsa-5532" }, { "reference_url": "https://www.openssl.org/news/secadv/20231024.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:15:36Z/" } ], "url": "https://www.openssl.org/news/secadv/20231024.txt" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/24/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2023/10/24/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243839", "reference_id": "2243839", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243839" }, { "reference_url": "https://security.archlinux.org/AVG-2848", "reference_id": "AVG-2848", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2848" }, { "reference_url": "https://security.archlinux.org/AVG-2849", "reference_id": "AVG-2849", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2849" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5363", "reference_id": "CVE-2023-5363", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0310", "reference_id": "RHSA-2024:0310", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0310" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0500", "reference_id": "RHSA-2024:0500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1383", "reference_id": "RHSA-2024:1383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2094", "reference_id": "RHSA-2024:2094", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2094" }, { "reference_url": "https://usn.ubuntu.com/6450-1/", "reference_id": "USN-6450-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6450-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201324?format=api", "purl": "pkg:deb/debian/openssl@3.0.11-1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.11-1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201325?format=api", "purl": "pkg:deb/debian/openssl@3.0.12-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.12-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-5363" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u3ks-ncv4-33f5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3791?format=api", "vulnerability_id": "VCID-u46f-74uq-j7hy", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3449", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09859", "scoring_system": "epss", "scoring_elements": "0.93114", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3449" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/alexcrichton/openssl-src-rs", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/alexcrichton/openssl-src-rs" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148" }, { "reference_url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10356" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3449", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3449" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2021-0055", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2021-0055" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2021-0055.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2021-0055.html" }, { "reference_url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210326-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210326-0006" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210513-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210513-0002" }, { "reference_url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4875", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2021/dsa-4875" }, { "reference_url": "https://www.openssl.org/news/secadv/20210325.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.openssl.org/news/secadv/20210325.txt" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://www.tenable.com/security/tns-2021-05", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2021-05" }, { "reference_url": "https://www.tenable.com/security/tns-2021-06", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2021-06" }, { "reference_url": "https://www.tenable.com/security/tns-2021-09", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2021-09" }, { "reference_url": "https://www.tenable.com/security/tns-2021-10", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2021-10" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/03/27/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2021/03/27/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/03/27/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2021/03/27/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/03/28/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2021/03/28/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/03/28/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2021/03/28/4" }, { "reference_url": "https://security.archlinux.org/ASA-202103-10", "reference_id": "ASA-202103-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202103-10" }, { "reference_url": "https://security.archlinux.org/AVG-1736", "reference_id": "AVG-1736", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1736" }, { "reference_url": "https://security.gentoo.org/glsa/202103-03", "reference_id": "GLSA-202103-03", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202103-03" }, { "reference_url": "https://usn.ubuntu.com/4891-1/", "reference_id": "USN-4891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4891-1/" }, { "reference_url": "https://usn.ubuntu.com/5038-1/", "reference_id": "USN-5038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5038-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201303?format=api", "purl": "pkg:deb/debian/openssl@1.1.1k-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1k-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-3449", "GHSA-83mx-573x-5rw9" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u46f-74uq-j7hy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17433?format=api", "vulnerability_id": "VCID-u4fw-w6bp-rkdq", "summary": "Out-of-bounds Read\nIssue summary: The AES-XTS cipher decryption implementation for 64 bit ARM\nplatform contains a bug that could cause it to read past the input buffer,\nleading to a crash.\n\nImpact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM\nplatform can crash in rare circumstances. The AES-XTS algorithm is usually\nused for disk encryption.\n\nThe AES-XTS cipher decryption implementation for 64 bit ARM platform will read\npast the end of the ciphertext buffer if the ciphertext size is 4 mod 5 in 16\nbyte blocks, e.g. 144 bytes or 1024 bytes. If the memory after the ciphertext\nbuffer is unmapped, this will trigger a crash which results in a denial of\nservice.\n\nIf an attacker can control the size and location of the ciphertext buffer\nbeing decrypted by an application using AES-XTS on 64 bit ARM, the\napplication is affected. This is fairly unlikely making this issue\na Low severity one.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1255.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1255.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1255", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26736", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1255" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=02ac9c9420275868472f33b01def01218742b8bb", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:14:55Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=02ac9c9420275868472f33b01def01218742b8bb" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bc2f61ad70971869b242fc1cb445b98bad50074a", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:14:55Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bc2f61ad70971869b242fc1cb445b98bad50074a" }, { "reference_url": "https://www.openssl.org/news/secadv/20230419.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:14:55Z/" } ], "url": "https://www.openssl.org/news/secadv/20230419.txt" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034720", "reference_id": "1034720", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034720" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188461", "reference_id": "2188461", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188461" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1255", "reference_id": "CVE-2023-1255", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1255" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230908-0006/", "reference_id": "ntap-20230908-0006", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:14:55Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230908-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3722", "reference_id": "RHSA-2023:3722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3722" }, { "reference_url": "https://usn.ubuntu.com/6119-1/", "reference_id": "USN-6119-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6119-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201319?format=api", "purl": "pkg:deb/debian/openssl@3.0.9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-1255" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u4fw-w6bp-rkdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72712?format=api", "vulnerability_id": "VCID-u9ha-hbwy-c3hb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4619", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03163", "scoring_system": "epss", "scoring_elements": "0.87145", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4619" }, { "reference_url": "https://security.gentoo.org/glsa/201203-12", "reference_id": "GLSA-201203-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-12" }, { "reference_url": "https://usn.ubuntu.com/1357-1/", "reference_id": "USN-1357-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1357-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201236?format=api", "purl": "pkg:deb/debian/openssl@1.0.0h-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0h-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-4619" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u9ha-hbwy-c3hb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4159?format=api", "vulnerability_id": "VCID-ujxh-ptp6-qfdy", "summary": "denial of service", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00004.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00011.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00011.html" }, { "reference_url": "http://packetstormsecurity.com/files/157527/OpenSSL-signature_algorithms_cert-Denial-Of-Service.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/157527/OpenSSL-signature_algorithms_cert-Denial-Of-Service.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1967", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.60769", "scoring_system": "epss", "scoring_elements": "0.98321", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1967" }, { "reference_url": "http://seclists.org/fulldisclosure/2020/May/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2020/May/5" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/irsl/CVE-2020-1967", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/irsl/CVE-2020-1967" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=eb563247aef3e83dda7679c43f9649270462e5b1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=eb563247aef3e83dda7679c43f9649270462e5b1" }, { "reference_url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44440", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44440" }, { "reference_url": "https://lists.apache.org/thread.html/r66ea9c436da150683432db5fbc8beb8ae01886c6459ac30c2cea7345@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r66ea9c436da150683432db5fbc8beb8ae01886c6459ac30c2cea7345@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r94d6ac3f010a38fccf4f432b12180a13fa1cf303559bd805648c9064@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r94d6ac3f010a38fccf4f432b12180a13fa1cf303559bd805648c9064@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9a41e304992ce6aec6585a87842b4f2e692604f5c892c37e3b0587ee@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r9a41e304992ce6aec6585a87842b4f2e692604f5c892c37e3b0587ee@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1967", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1967" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2020-0015.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2020-0015.html" }, { "reference_url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:11.openssl.asc", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:11.openssl.asc" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200424-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20200424-0003" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200717-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20200717-0004" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4661", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2020/dsa-4661" }, { "reference_url": "https://www.openssl.org/news/secadv/20200421.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.openssl.org/news/secadv/20200421.txt" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://www.synology.com/security/advisory/Synology_SA_20_05", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.synology.com/security/advisory/Synology_SA_20_05" }, { "reference_url": "https://www.synology.com/security/advisory/Synology_SA_20_05_OpenSSL", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.synology.com/security/advisory/Synology_SA_20_05_OpenSSL" }, { "reference_url": "https://www.tenable.com/security/tns-2020-03", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2020-03" }, { "reference_url": "https://www.tenable.com/security/tns-2020-04", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2020-04" }, { "reference_url": "https://www.tenable.com/security/tns-2020-11", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2020-11" }, { "reference_url": "https://www.tenable.com/security/tns-2021-10", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2021-10" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2020/04/22/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2020/04/22/2" }, { "reference_url": "https://security.archlinux.org/ASA-202004-18", "reference_id": "ASA-202004-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202004-18" }, { "reference_url": "https://security.archlinux.org/ASA-202004-19", "reference_id": "ASA-202004-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202004-19" }, { "reference_url": "https://security.archlinux.org/AVG-1139", "reference_id": "AVG-1139", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1139" }, { "reference_url": "https://security.archlinux.org/AVG-1142", "reference_id": "AVG-1142", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1142" }, { "reference_url": "https://security.gentoo.org/glsa/202004-10", "reference_id": "GLSA-202004-10", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202004-10" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201299?format=api", "purl": "pkg:deb/debian/openssl@1.1.1g-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1g-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-1967", "GHSA-jq65-29v4-4x35" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ujxh-ptp6-qfdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92682?format=api", "vulnerability_id": "VCID-unbn-pars-skec", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0290", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.30474", "scoring_system": "epss", "scoring_elements": "0.96786", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0290" }, { "reference_url": "https://security.gentoo.org/glsa/201503-11", "reference_id": "GLSA-201503-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-11" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-0290" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-unbn-pars-skec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75374?format=api", "vulnerability_id": "VCID-uuvc-1hnq-uuhw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2333", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06763", "scoring_system": "epss", "scoring_elements": "0.91441", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2333" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=672452", "reference_id": "672452", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=672452" }, { "reference_url": "https://security.gentoo.org/glsa/201312-03", "reference_id": "GLSA-201312-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201312-03" }, { "reference_url": "https://usn.ubuntu.com/1451-1/", "reference_id": "USN-1451-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1451-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201265?format=api", "purl": "pkg:deb/debian/openssl@1.0.1c-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1c-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-2333" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uuvc-1hnq-uuhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87344?format=api", "vulnerability_id": "VCID-v2sp-a2gd-afby", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3512", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.4021", "scoring_system": "epss", "scoring_elements": "0.97412", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3512" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139" }, { "reference_url": "https://security.gentoo.org/glsa/201412-39", "reference_id": "GLSA-201412-39", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-39" }, { "reference_url": "https://usn.ubuntu.com/2308-1/", "reference_id": "USN-2308-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2308-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201272?format=api", "purl": "pkg:deb/debian/openssl@1.0.1i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3512" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v2sp-a2gd-afby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72393?format=api", "vulnerability_id": "VCID-vhns-hqc7-33bz", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4108", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01251", "scoring_system": "epss", "scoring_elements": "0.79649", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4108" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=645805", "reference_id": "645805", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=645805" }, { "reference_url": "https://security.gentoo.org/glsa/201203-12", "reference_id": "GLSA-201203-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-12" }, { "reference_url": "https://usn.ubuntu.com/1357-1/", "reference_id": "USN-1357-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1357-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201259?format=api", "purl": "pkg:deb/debian/openssl@1.0.0f-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0f-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-4108" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vhns-hqc7-33bz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16824?format=api", "vulnerability_id": "VCID-vv2c-xvqf-cfdt", "summary": "NULL Pointer Dereference\nAn invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in OpenSSL does not call this function however third party applications might call these functions on untrusted data.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0216.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0216.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0216", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00853", "scoring_system": "epss", "scoring_elements": "0.75251", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0216" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=934a04f0e775309cadbef0aa6b9692e1b12a76c6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:43Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=934a04f0e775309cadbef0aa6b9692e1b12a76c6" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2023-0011.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2023-0011.html" }, { "reference_url": "https://security.gentoo.org/glsa/202402-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:43Z/" } ], "url": "https://security.gentoo.org/glsa/202402-08" }, { "reference_url": "https://www.openssl.org/news/secadv/20230207.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:43Z/" } ], "url": "https://www.openssl.org/news/secadv/20230207.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497", "reference_id": "2164497", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0216", "reference_id": "CVE-2023-0216", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0216" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0946", "reference_id": "RHSA-2023:0946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1199", "reference_id": "RHSA-2023:1199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1199" }, { "reference_url": "https://usn.ubuntu.com/5844-1/", "reference_id": "USN-5844-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5844-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201318?format=api", "purl": "pkg:deb/debian/openssl@3.0.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-0216", "GHSA-29xx-hcv2-c4cp" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vv2c-xvqf-cfdt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6567?format=api", "vulnerability_id": "VCID-vvjn-qbrq-skgt", "summary": "private key recovery", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0735", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04803", "scoring_system": "epss", "scoring_elements": "0.89661", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0735" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201812-5", "reference_id": "ASA-201812-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201812-5" }, { "reference_url": "https://security.archlinux.org/ASA-201812-6", "reference_id": "ASA-201812-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201812-6" }, { "reference_url": "https://security.archlinux.org/AVG-792", "reference_id": "AVG-792", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-792" }, { "reference_url": "https://security.archlinux.org/AVG-793", "reference_id": "AVG-793", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-793" }, { "reference_url": "https://usn.ubuntu.com/3840-1/", "reference_id": "USN-3840-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3840-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201293?format=api", "purl": "pkg:deb/debian/openssl@1.1.1a-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1a-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-0735" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vvjn-qbrq-skgt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95331?format=api", "vulnerability_id": "VCID-w66d-tkyb-13gy", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3195", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03481", "scoring_system": "epss", "scoring_elements": "0.87777", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3195" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3196" }, { "reference_url": "https://security.gentoo.org/glsa/201601-05", "reference_id": "GLSA-201601-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201601-05" }, { "reference_url": "https://usn.ubuntu.com/2830-1/", "reference_id": "USN-2830-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2830-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201279?format=api", "purl": "pkg:deb/debian/openssl@1.0.2e-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2e-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-3195" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w66d-tkyb-13gy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6339?format=api", "vulnerability_id": "VCID-wb82-fja8-wyap", "summary": "private key recovery", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7056", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38832", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7056" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:C/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/AVG-140", "reference_id": "AVG-140", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-140" }, { "reference_url": "https://security.archlinux.org/AVG-141", "reference_id": "AVG-141", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-141" }, { "reference_url": "https://usn.ubuntu.com/3181-1/", "reference_id": "USN-3181-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3181-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201287?format=api", "purl": "pkg:deb/debian/openssl@1.0.2a-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2a-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-7056" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wb82-fja8-wyap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6573?format=api", "vulnerability_id": "VCID-wdjy-4rt8-wkd2", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0737", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.38121", "scoring_system": "epss", "scoring_elements": "0.97294", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0737" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895844", "reference_id": "895844", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895844" }, { "reference_url": "https://security.archlinux.org/AVG-674", "reference_id": "AVG-674", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-674" }, { "reference_url": "https://security.archlinux.org/AVG-675", "reference_id": "AVG-675", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-675" }, { "reference_url": "https://security.gentoo.org/glsa/201811-21", "reference_id": "GLSA-201811-21", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-21" }, { "reference_url": "https://usn.ubuntu.com/3628-1/", "reference_id": "USN-3628-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3628-1/" }, { "reference_url": "https://usn.ubuntu.com/3628-2/", "reference_id": "USN-3628-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3628-2/" }, { "reference_url": "https://usn.ubuntu.com/3692-1/", "reference_id": "USN-3692-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3692-1/" }, { "reference_url": "https://usn.ubuntu.com/3692-2/", "reference_id": "USN-3692-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3692-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201294?format=api", "purl": "pkg:deb/debian/openssl@1.1.0h-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0h-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-0737" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wdjy-4rt8-wkd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61288?format=api", "vulnerability_id": "VCID-wfsd-jenz-u3fc", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2409", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02215", "scoring_system": "epss", "scoring_elements": "0.84753", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2409" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539895", "reference_id": "539895", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539895" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539899", "reference_id": "539899", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539899" }, { "reference_url": "https://security.gentoo.org/glsa/200911-02", "reference_id": "GLSA-200911-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200911-02" }, { "reference_url": "https://security.gentoo.org/glsa/200912-01", "reference_id": "GLSA-200912-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200912-01" }, { "reference_url": "https://usn.ubuntu.com/809-1/", "reference_id": "USN-809-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/809-1/" }, { "reference_url": "https://usn.ubuntu.com/810-1/", "reference_id": "USN-810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/810-1/" }, { "reference_url": "https://usn.ubuntu.com/830-1/", "reference_id": "USN-830-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/830-1/" }, { "reference_url": "https://usn.ubuntu.com/859-1/", "reference_id": "USN-859-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/859-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201248?format=api", "purl": "pkg:deb/debian/openssl@0.9.8k-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8k-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-2409" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wfsd-jenz-u3fc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75214?format=api", "vulnerability_id": "VCID-wh5m-hp7x-hbcv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2131", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07856", "scoring_system": "epss", "scoring_elements": "0.92126", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2131" }, { "reference_url": "https://usn.ubuntu.com/1428-1/", "reference_id": "USN-1428-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1428-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-2131" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wh5m-hp7x-hbcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/196292?format=api", "vulnerability_id": "VCID-whnk-t6ep-kkfh", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2097", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66652", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2097" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T19:45:07Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/alexcrichton/openssl-src-rs", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/alexcrichton/openssl-src-rs" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=919925673d6c9cfed3c1085497f5dfbbed5fc431", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T19:45:07Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=919925673d6c9cfed3c1085497f5dfbbed5fc431" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a98f339ddd7e8f487d6e0088d4a9a42324885a93", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T19:45:07Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a98f339ddd7e8f487d6e0088d4a9a42324885a93" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T19:45:07Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2022-0032.html" }, { "reference_url": "https://security.gentoo.org/glsa/202210-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T19:45:07Z/" } ], "url": "https://security.gentoo.org/glsa/202210-02" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220715-0011", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220715-0011" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230420-0008", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20230420-0008" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5343", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T19:45:07Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5343" }, { "reference_url": "https://www.openssl.org/news/secadv/20220705.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T19:45:07Z/" } ], "url": "https://www.openssl.org/news/secadv/20220705.txt" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023424", "reference_id": "1023424", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023424" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097", "reference_id": "CVE-2022-2097", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2097" }, { "reference_url": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2", "reference_id": "GHSA-3wx7-46ch-7rq2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3wx7-46ch-7rq2" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220715-0011/", "reference_id": "ntap-20220715-0011", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T19:45:07Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220715-0011/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230420-0008/", "reference_id": "ntap-20230420-0008", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T19:45:07Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230420-0008/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T19:45:07Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", "reference_id": "R6CK57NBQFTPUMXAPJURCGXUYT76NQAK", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T19:45:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/" }, { "reference_url": "https://usn.ubuntu.com/5502-1/", "reference_id": "USN-5502-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5502-1/" }, { "reference_url": "https://usn.ubuntu.com/6457-1/", "reference_id": "USN-6457-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6457-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", "reference_id": "V6567JERRHHJW2GNGJGKDRNHR7SNPZK7", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T19:45:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", "reference_id": "VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T19:45:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201314?format=api", "purl": "pkg:deb/debian/openssl@1.1.1n-0%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201313?format=api", "purl": "pkg:deb/debian/openssl@3.0.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-2097", "GHSA-3wx7-46ch-7rq2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-whnk-t6ep-kkfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/103372?format=api", "vulnerability_id": "VCID-x6fs-xdqt-83gn", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2842", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.54295", "scoring_system": "epss", "scoring_elements": "0.98066", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2842" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2842" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201281?format=api", "purl": "pkg:deb/debian/openssl@1.0.2g-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2g-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2842" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x6fs-xdqt-83gn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95330?format=api", "vulnerability_id": "VCID-x8hk-74cc-xude", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3194", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.51896", "scoring_system": "epss", "scoring_elements": "0.97953", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3194" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3196" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201601-05", "reference_id": "GLSA-201601-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201601-05" }, { "reference_url": "https://usn.ubuntu.com/2830-1/", "reference_id": "USN-2830-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2830-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201279?format=api", "purl": "pkg:deb/debian/openssl@1.0.2e-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2e-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-3194" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x8hk-74cc-xude" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30481?format=api", "vulnerability_id": "VCID-xc5h-71vt-fbdt", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0545", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.74574", "scoring_system": "epss", "scoring_elements": "0.98875", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0545" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201228?format=api", "purl": "pkg:deb/debian/openssl@0.9.7c?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.7c%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2003-0545" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xc5h-71vt-fbdt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5822?format=api", "vulnerability_id": "VCID-xh61-hden-qbay", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23841", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00958", "scoring_system": "epss", "scoring_elements": "0.76762", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23841" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/May/67", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/May/67" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/May/68", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/May/68" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/May/70", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/May/70" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/alexcrichton/openssl-src-rs", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/alexcrichton/openssl-src-rs" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2" }, { "reference_url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2021-0058", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2021-0058" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2021-0058.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2021-0058.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210219-0009", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210219-0009" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210513-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210513-0002" }, { "reference_url": "https://support.apple.com/kb/HT212528", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "https://support.apple.com/kb/HT212528" }, { "reference_url": "https://support.apple.com/kb/HT212529", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "https://support.apple.com/kb/HT212529" }, { "reference_url": "https://support.apple.com/kb/HT212534", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "https://support.apple.com/kb/HT212534" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4855", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4855" }, { "reference_url": "https://www.openssl.org/news/secadv/20210216.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "https://www.openssl.org/news/secadv/20210216.txt" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://www.tenable.com/security/tns-2021-03", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "https://www.tenable.com/security/tns-2021-03" }, { "reference_url": "https://www.tenable.com/security/tns-2021-09", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "https://www.tenable.com/security/tns-2021-09" }, { "reference_url": "https://security.archlinux.org/ASA-202102-42", "reference_id": "ASA-202102-42", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-42" }, { "reference_url": "https://security.archlinux.org/AVG-1581", "reference_id": "AVG-1581", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1581" }, { "reference_url": "https://security.gentoo.org/glsa/202103-03", "reference_id": "GLSA-202103-03", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "https://security.gentoo.org/glsa/202103-03" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210219-0009/", "reference_id": "ntap-20210219-0009", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210219-0009/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210513-0002/", "reference_id": "ntap-20210513-0002", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210513-0002/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:18:08Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807" }, { "reference_url": "https://usn.ubuntu.com/4738-1/", "reference_id": "USN-4738-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4738-1/" }, { "reference_url": "https://usn.ubuntu.com/4745-1/", "reference_id": "USN-4745-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4745-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201302?format=api", "purl": "pkg:deb/debian/openssl@1.1.1j-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1j-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-23841", "GHSA-84rm-qf37-fgc2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xh61-hden-qbay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84545?format=api", "vulnerability_id": "VCID-xrtq-shwp-7ua6", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0195", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.92751", "scoring_system": "epss", "scoring_elements": "0.99766", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0195" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750665", "reference_id": "750665", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750665" }, { "reference_url": "https://security.gentoo.org/glsa/201407-05", "reference_id": "GLSA-201407-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201407-05" }, { "reference_url": "https://usn.ubuntu.com/2232-1/", "reference_id": "USN-2232-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2232-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201270?format=api", "purl": "pkg:deb/debian/openssl@1.0.1h-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1h-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-0195" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xrtq-shwp-7ua6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/283236?format=api", "vulnerability_id": "VCID-xs57-nrgs-fka9", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15467.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15467.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15467", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02889", "scoring_system": "epss", "scoring_elements": "0.86564", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15467" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://openssl-library.org/news/secadv/20260127.txt", "reference_id": "20260127.txt", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-19T18:39:38Z/" } ], "url": "https://openssl-library.org/news/secadv/20260127.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "reference_id": "2430376", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430376" }, { "reference_url": "https://github.com/openssl/openssl/commit/2c8f0e5fa9b6ee5508a0349e4572ddb74db5a703", "reference_id": "2c8f0e5fa9b6ee5508a0349e4572ddb74db5a703", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-19T18:39:38Z/" } ], "url": "https://github.com/openssl/openssl/commit/2c8f0e5fa9b6ee5508a0349e4572ddb74db5a703" }, { "reference_url": "https://github.com/openssl/openssl/commit/5f26d4202f5b89664c5c3f3c62086276026ba9a9", "reference_id": "5f26d4202f5b89664c5c3f3c62086276026ba9a9", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-19T18:39:38Z/" } ], "url": "https://github.com/openssl/openssl/commit/5f26d4202f5b89664c5c3f3c62086276026ba9a9" }, { "reference_url": "https://github.com/openssl/openssl/commit/6ced0fe6b10faa560e410e3ee8d6c82f06c65ea3", "reference_id": "6ced0fe6b10faa560e410e3ee8d6c82f06c65ea3", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-19T18:39:38Z/" } ], "url": "https://github.com/openssl/openssl/commit/6ced0fe6b10faa560e410e3ee8d6c82f06c65ea3" }, { "reference_url": "https://github.com/openssl/openssl/commit/ce39170276daec87f55c39dad1f629b56344429e", "reference_id": "ce39170276daec87f55c39dad1f629b56344429e", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-19T18:39:38Z/" } ], "url": "https://github.com/openssl/openssl/commit/ce39170276daec87f55c39dad1f629b56344429e" }, { "reference_url": "https://github.com/openssl/openssl/commit/d0071a0799f20cc8101730145349ed4487c268dc", "reference_id": "d0071a0799f20cc8101730145349ed4487c268dc", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-19T18:39:38Z/" } ], "url": "https://github.com/openssl/openssl/commit/d0071a0799f20cc8101730145349ed4487c268dc" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1472", "reference_id": "RHSA-2026:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1473", "reference_id": "RHSA-2026:1473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1496", "reference_id": "RHSA-2026:1496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1503", "reference_id": "RHSA-2026:1503", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1503" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1519", "reference_id": "RHSA-2026:1519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1594", "reference_id": "RHSA-2026:1594", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1594" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1733", "reference_id": "RHSA-2026:1733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1736", "reference_id": "RHSA-2026:1736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2072", "reference_id": "RHSA-2026:2072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2077", "reference_id": "RHSA-2026:2077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2485", "reference_id": "RHSA-2026:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2563", "reference_id": "RHSA-2026:2563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2633", "reference_id": "RHSA-2026:2633", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2633" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2659", "reference_id": "RHSA-2026:2659", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2659" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2671", "reference_id": "RHSA-2026:2671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2844", "reference_id": "RHSA-2026:2844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2974", "reference_id": "RHSA-2026:2974", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2974" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2995", "reference_id": "RHSA-2026:2995", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2995" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3228", "reference_id": "RHSA-2026:3228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3415", "reference_id": "RHSA-2026:3415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3461", "reference_id": "RHSA-2026:3461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3462", "reference_id": "RHSA-2026:3462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4419", "reference_id": "RHSA-2026:4419", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4419" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6481", "reference_id": "RHSA-2026:6481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/7980-1/", "reference_id": "USN-7980-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7980-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201341?format=api", "purl": "pkg:deb/debian/openssl@3.0.18-1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201340?format=api", "purl": "pkg:deb/debian/openssl@3.5.4-1~deb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1~deb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201339?format=api", "purl": "pkg:deb/debian/openssl@3.5.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-15467" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xs57-nrgs-fka9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67730?format=api", "vulnerability_id": "VCID-xvyz-aae5-p7bp", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4180", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03846", "scoring_system": "epss", "scoring_elements": "0.8839", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4180" }, { "reference_url": "https://security.gentoo.org/glsa/201110-01", "reference_id": "GLSA-201110-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-01" }, { "reference_url": "https://usn.ubuntu.com/1029-1/", "reference_id": "USN-1029-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1029-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201256?format=api", "purl": "pkg:deb/debian/openssl@0.9.8o-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8o-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-4180" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xvyz-aae5-p7bp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50451?format=api", "vulnerability_id": "VCID-xy1p-53ck-dkem", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4995", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10617", "scoring_system": "epss", "scoring_elements": "0.93416", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4995" }, { "reference_url": "https://security.gentoo.org/glsa/200710-30", "reference_id": "GLSA-200710-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200710-30" }, { "reference_url": "https://security.gentoo.org/glsa/201412-11", "reference_id": "GLSA-201412-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-11" }, { "reference_url": "https://usn.ubuntu.com/534-1/", "reference_id": "USN-534-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/534-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201238?format=api", "purl": "pkg:deb/debian/openssl@0.9.8f-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8f-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-4995" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xy1p-53ck-dkem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94168?format=api", "vulnerability_id": "VCID-y5wp-nh1p-cqcp", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1792", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12357", "scoring_system": "epss", "scoring_elements": "0.94002", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000" }, { "reference_url": "https://security.gentoo.org/glsa/201506-02", "reference_id": "GLSA-201506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201506-02" }, { "reference_url": "https://usn.ubuntu.com/2639-1/", "reference_id": "USN-2639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2639-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201277?format=api", "purl": "pkg:deb/debian/openssl@1.0.2b-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2b-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-1792" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y5wp-nh1p-cqcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/318509?format=api", "vulnerability_id": "VCID-y7cx-fpjq-87at", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9232.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9232.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9232", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.17034", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9232" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://openssl-library.org/news/secadv/20250930.txt", "reference_id": "20250930.txt", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:22:31Z/" } ], "url": "https://openssl-library.org/news/secadv/20250930.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396056", "reference_id": "2396056", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396056" }, { "reference_url": "https://github.com/openssl/openssl/commit/2b4ec20e47959170422922eaff25346d362dcb35", "reference_id": "2b4ec20e47959170422922eaff25346d362dcb35", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:22:31Z/" } ], "url": "https://github.com/openssl/openssl/commit/2b4ec20e47959170422922eaff25346d362dcb35" }, { "reference_url": "https://github.com/openssl/openssl/commit/654dc11d23468a74fc8ea4672b702dd3feb7be4b", "reference_id": "654dc11d23468a74fc8ea4672b702dd3feb7be4b", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:22:31Z/" } ], "url": "https://github.com/openssl/openssl/commit/654dc11d23468a74fc8ea4672b702dd3feb7be4b" }, { "reference_url": "https://github.com/openssl/openssl/commit/7cf21a30513c9e43c4bc3836c237cf086e194af3", "reference_id": "7cf21a30513c9e43c4bc3836c237cf086e194af3", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:22:31Z/" } ], "url": "https://github.com/openssl/openssl/commit/7cf21a30513c9e43c4bc3836c237cf086e194af3" }, { "reference_url": "https://github.com/openssl/openssl/commit/89e790ac431125a4849992858490bed6b225eadf", "reference_id": "89e790ac431125a4849992858490bed6b225eadf", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:22:31Z/" } ], "url": "https://github.com/openssl/openssl/commit/89e790ac431125a4849992858490bed6b225eadf" }, { "reference_url": "https://github.com/openssl/openssl/commit/bbf38c034cdabd0a13330abcc4855c866f53d2e0", "reference_id": "bbf38c034cdabd0a13330abcc4855c866f53d2e0", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:22:31Z/" } ], "url": "https://github.com/openssl/openssl/commit/bbf38c034cdabd0a13330abcc4855c866f53d2e0" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261", "reference_id": "RHSA-2026:7261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7261" }, { "reference_url": "https://usn.ubuntu.com/7786-1/", "reference_id": "USN-7786-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7786-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201345?format=api", "purl": "pkg:deb/debian/openssl@3.0.17-1~deb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.17-1~deb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201348?format=api", "purl": "pkg:deb/debian/openssl@3.5.1-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.1-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201347?format=api", "purl": "pkg:deb/debian/openssl@3.5.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-9232" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y7cx-fpjq-87at" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143296?format=api", "vulnerability_id": "VCID-y94f-q6y5-8ban", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1551", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02801", "scoring_system": "epss", "scoring_elements": "0.86369", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1551" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947949", "reference_id": "947949", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947949" }, { "reference_url": "https://security.gentoo.org/glsa/202004-10", "reference_id": "GLSA-202004-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202004-10" }, { "reference_url": "https://usn.ubuntu.com/4376-1/", "reference_id": "USN-4376-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4376-1/" }, { "reference_url": "https://usn.ubuntu.com/4504-1/", "reference_id": "USN-4504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4504-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201298?format=api", "purl": "pkg:deb/debian/openssl@1.1.1e-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1e-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-1551" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y94f-q6y5-8ban" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94170?format=api", "vulnerability_id": "VCID-ya25-uvun-cqg8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1794", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09852", "scoring_system": "epss", "scoring_elements": "0.93111", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1794" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201601-05", "reference_id": "GLSA-201601-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201601-05" }, { "reference_url": "https://usn.ubuntu.com/2830-1/", "reference_id": "USN-2830-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2830-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201279?format=api", "purl": "pkg:deb/debian/openssl@1.0.2e-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2e-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-1794" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ya25-uvun-cqg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/204294?format=api", "vulnerability_id": "VCID-yksj-4mp6-pfh6", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3996.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3996.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3996", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34411", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3996" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/alexcrichton/openssl-src-rs", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/alexcrichton/openssl-src-rs" }, { "reference_url": "https://github.com/openssl/openssl/commit/7725e7bfe6f2ce8146b6552b44e0d226be7638e7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-01T21:11:25Z/" } ], "url": "https://github.com/openssl/openssl/commit/7725e7bfe6f2ce8146b6552b44e0d226be7638e7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3996", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3996" }, { "reference_url": "https://www.openssl.org/news/secadv/20221213.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-01T21:11:25Z/" } ], "url": "https://www.openssl.org/news/secadv/20221213.txt" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027102", "reference_id": "1027102", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027102" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153239", "reference_id": "2153239", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153239" }, { "reference_url": "https://usn.ubuntu.com/6039-1/", "reference_id": "USN-6039-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6039-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201317?format=api", "purl": "pkg:deb/debian/openssl@3.0.7-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.7-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-3996", "GHSA-vr8j-hgmm-jh9r" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yksj-4mp6-pfh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52219?format=api", "vulnerability_id": "VCID-ymth-gzfh-1bbj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-0166", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04353", "scoring_system": "epss", "scoring_elements": "0.89114", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-0166" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/5622.txt", "reference_id": "CVE-2008-0166", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/5622.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/5632.rb", "reference_id": "CVE-2008-0166", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/5632.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/5720.py", "reference_id": "OSVDB-45029;CVE-2008-3280;CVE-2008-0166", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/5720.py" }, { "reference_url": "https://usn.ubuntu.com/612-1/", "reference_id": "USN-612-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/612-1/" }, { "reference_url": "https://usn.ubuntu.com/612-2/", "reference_id": "USN-612-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/612-2/" }, { "reference_url": "https://usn.ubuntu.com/612-3/", "reference_id": "USN-612-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/612-3/" }, { "reference_url": "https://usn.ubuntu.com/612-4/", "reference_id": "USN-612-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/612-4/" }, { "reference_url": "https://usn.ubuntu.com/612-7/", "reference_id": "USN-612-7", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/612-7/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201241?format=api", "purl": "pkg:deb/debian/openssl@0.9.8g-9?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8g-9%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2008-0166" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ymth-gzfh-1bbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/273619?format=api", "vulnerability_id": "VCID-ypjj-ux1b-b7ej", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5535.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5535.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5535", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06873", "scoring_system": "epss", "scoring_elements": "0.91512", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5535" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074487", "reference_id": "1074487", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074487" }, { "reference_url": "https://www.openssl.org/news/secadv/20240627.txt", "reference_id": "20240627.txt", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/" } ], "url": "https://www.openssl.org/news/secadv/20240627.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", "reference_id": "2294581", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294581" }, { "reference_url": "https://github.com/openssl/openssl/commit/4ada436a1946cbb24db5ab4ca082b69c1bc10f37", "reference_id": "4ada436a1946cbb24db5ab4ca082b69c1bc10f37", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/" } ], "url": "https://github.com/openssl/openssl/commit/4ada436a1946cbb24db5ab4ca082b69c1bc10f37" }, { "reference_url": "https://github.openssl.org/openssl/extended-releases/commit/9947251413065a05189a63c9b7a6c1d4e224c21c", "reference_id": "9947251413065a05189a63c9b7a6c1d4e224c21c", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/" } ], "url": "https://github.openssl.org/openssl/extended-releases/commit/9947251413065a05189a63c9b7a6c1d4e224c21c" }, { "reference_url": "https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e", "reference_id": "99fb785a5f85315b95288921a321a935ea29a51e", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/" } ], "url": "https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e" }, { "reference_url": "https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87", "reference_id": "b78ec0824da857223486660177d3b1f255c65d87", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/" } ], "url": "https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87" }, { "reference_url": "https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c", "reference_id": "cf6f91f6121f4db167405db2f0de410a456f260c", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/" } ], "url": "https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c" }, { "reference_url": "https://github.com/openssl/openssl/commit/e86ac436f0bd54d4517745483e2315650fae7b2c", "reference_id": "e86ac436f0bd54d4517745483e2315650fae7b2c", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/" } ], "url": "https://github.com/openssl/openssl/commit/e86ac436f0bd54d4517745483e2315650fae7b2c" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7846", "reference_id": "RHSA-2024:7846", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7846" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7847", "reference_id": "RHSA-2024:7847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7848", "reference_id": "RHSA-2024:7848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9333", "reference_id": "RHSA-2024:9333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1671", "reference_id": "RHSA-2025:1671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1673", "reference_id": "RHSA-2025:1673", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1673" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3452", "reference_id": "RHSA-2025:3452", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3452" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3453", "reference_id": "RHSA-2025:3453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3453" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3666", "reference_id": "RHSA-2025:3666", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3666" }, { "reference_url": "https://usn.ubuntu.com/6937-1/", "reference_id": "USN-6937-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6937-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201327?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201335?format=api", "purl": "pkg:deb/debian/openssl@3.0.15-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.15-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201336?format=api", "purl": "pkg:deb/debian/openssl@3.3.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.3.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-5535" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ypjj-ux1b-b7ej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29111?format=api", "vulnerability_id": "VCID-yqcz-nrsf-sfaf", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1568", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01095", "scoring_system": "epss", "scoring_elements": "0.78292", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1568" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201225?format=api", "purl": "pkg:deb/debian/openssl@0.9.6g-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.6g-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2002-1568" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yqcz-nrsf-sfaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18110?format=api", "vulnerability_id": "VCID-yvae-9f18-n7ep", "summary": "Inefficient Regular Expression Complexity\nIssue summary: Checking excessively long DH keys or parameters may be very slow.\n\nImpact summary: Applications that use the functions DH_check(), DH_check_ex()\nor EVP_PKEY_param_check() to check a DH key or DH parameters may experience long\ndelays. Where the key or parameters that are being checked have been obtained\nfrom an untrusted source this may lead to a Denial of Service.\n\nThe function DH_check() performs various checks on DH parameters. One of those\nchecks confirms that the modulus ('p' parameter) is not too large. Trying to use\na very large modulus is slow and OpenSSL will not normally use a modulus which\nis over 10,000 bits in length.\n\nHowever the DH_check() function checks numerous aspects of the key or parameters\nthat have been supplied. Some of those checks use the supplied modulus value\neven if it has already been found to be too large.\n\nAn application that calls DH_check() and supplies a key or parameters obtained\nfrom an untrusted source could be vulernable to a Denial of Service attack.\n\nThe function DH_check() is itself called by a number of other OpenSSL functions.\nAn application calling any of those other functions may similarly be affected.\nThe other functions affected by this are DH_check_ex() and\nEVP_PKEY_param_check().\n\nAlso vulnerable are the OpenSSL dhparam and pkeyparam command line applications\nwhen using the '-check' option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3446.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3446.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3446", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01027", "scoring_system": "epss", "scoring_elements": "0.77596", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3446" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1fa20cf2f506113c761777127a38bce5068740eb", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:22Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1fa20cf2f506113c761777127a38bce5068740eb" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8780a896543a654e757db1b9396383f9d8095528", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:22Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8780a896543a654e757db1b9396383f9d8095528" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9a0a4d3c1e7138915563c0df4fe6a3f9377b839c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:22Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9a0a4d3c1e7138915563c0df4fe6a3f9377b839c" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc9867c1e03c22ebf56943be205202e576aabf23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:22Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc9867c1e03c22ebf56943be205202e576aabf23" }, { "reference_url": "https://www.openssl.org/news/secadv/20230719.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:22Z/" } ], "url": "https://www.openssl.org/news/secadv/20230719.txt" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/07/19/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2023/07/19/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/07/19/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2023/07/19/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/07/19/6", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2023/07/19/6" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041817", "reference_id": "1041817", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041817" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224962", "reference_id": "2224962", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224962" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3446", "reference_id": "CVE-2023-3446", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3446" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7622", "reference_id": "RHSA-2023:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7623", "reference_id": "RHSA-2023:7623", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7623" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7625", "reference_id": "RHSA-2023:7625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7626", "reference_id": "RHSA-2023:7626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7877", "reference_id": "RHSA-2023:7877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0154", "reference_id": "RHSA-2024:0154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0208", "reference_id": "RHSA-2024:0208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0408", "reference_id": "RHSA-2024:0408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0888", "reference_id": "RHSA-2024:0888", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1415", "reference_id": "RHSA-2024:1415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2264", "reference_id": "RHSA-2024:2264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2447", "reference_id": "RHSA-2024:2447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2447" }, { "reference_url": "https://usn.ubuntu.com/6435-1/", "reference_id": "USN-6435-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6435-1/" }, { "reference_url": "https://usn.ubuntu.com/6435-2/", "reference_id": "USN-6435-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6435-2/" }, { "reference_url": "https://usn.ubuntu.com/6450-1/", "reference_id": "USN-6450-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6450-1/" }, { "reference_url": "https://usn.ubuntu.com/6709-1/", "reference_id": "USN-6709-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6709-1/" }, { "reference_url": "https://usn.ubuntu.com/7018-1/", "reference_id": "USN-7018-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7018-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201323?format=api", "purl": "pkg:deb/debian/openssl@1.1.1v-0~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1v-0~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201321?format=api", "purl": "pkg:deb/debian/openssl@3.0.10-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.10-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201322?format=api", "purl": "pkg:deb/debian/openssl@3.0.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.10-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-3446" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yvae-9f18-n7ep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19319?format=api", "vulnerability_id": "VCID-yyrx-r985-fycc", "summary": "Null pointer dereference in PKCS12 parsing\nIssue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL\nto crash leading to a potential Denial of Service attack\n\nImpact summary: Applications loading files in the PKCS12 format from untrusted\nsources might terminate abruptly.\n\nA file in PKCS12 format can contain certificates and keys and may come from an\nuntrusted source. The PKCS12 specification allows certain fields to be NULL, but\nOpenSSL does not correctly check for this case. This can lead to a NULL pointer\ndereference that results in OpenSSL crashing. If an application processes PKCS12\nfiles from an untrusted source using the OpenSSL APIs then that application will\nbe vulnerable to this issue.\n\nOpenSSL APIs that are vulnerable to this are: PKCS12_parse(),\nPKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes()\nand PKCS12_newpass().\n\nWe have also fixed a similar issue in SMIME_write_PKCS7(). However since this\nfunction is related to writing data we do not consider it security significant.\n\nThe FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0727.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0727.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0727", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.47001", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0727" }, { "reference_url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html" }, { "reference_url": "https://cert-portal.siemens.com/productcert/html/ssa-277137.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-277137.html" }, { "reference_url": "https://cert-portal.siemens.com/productcert/html/ssa-331112.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-331112.html" }, { "reference_url": "https://cert-portal.siemens.com/productcert/html/ssa-769027.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-769027.html" }, { "reference_url": "https://cert-portal.siemens.com/productcert/html/ssa-915275.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-915275.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/alexcrichton/openssl-src-rs/commit/add20f73b6b42be7451af2e1044d4e0e778992b2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/alexcrichton/openssl-src-rs/commit/add20f73b6b42be7451af2e1044d4e0e778992b2" }, { "reference_url": "https://github.com/github/advisory-database/pull/3472", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/github/advisory-database/pull/3472" }, { "reference_url": "https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/" } ], "url": "https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2" }, { "reference_url": "https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/" } ], "url": "https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a" }, { "reference_url": "https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/" } ], "url": "https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c" }, { "reference_url": "https://github.com/openssl/openssl/pull/23362", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openssl/openssl/pull/23362" }, { "reference_url": "https://github.com/pyca/cryptography/commit/3519591d255d4506fbcd0d04037d45271903c64d", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pyca/cryptography/commit/3519591d255d4506fbcd0d04037d45271903c64d" }, { "reference_url": "https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/" } ], "url": "https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8" }, { "reference_url": "https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/" } ], "url": "https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240208-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240208-0006" }, { "reference_url": "https://www.openssl.org/news/secadv/20240125.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/" } ], "url": "https://www.openssl.org/news/secadv/20240125.txt" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/03/11/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2024/03/11/1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061582", "reference_id": "1061582", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061582" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259944", "reference_id": "2259944", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259944" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0727", "reference_id": "CVE-2024-0727", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0727" }, { "reference_url": "https://github.com/advisories/GHSA-9v9h-cgj8-h64p", "reference_id": "GHSA-9v9h-cgj8-h64p", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9v9h-cgj8-h64p" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2447", "reference_id": "RHSA-2024:2447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2447" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9088", "reference_id": "RHSA-2024:9088", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9088" }, { "reference_url": "https://usn.ubuntu.com/6622-1/", "reference_id": "USN-6622-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6622-1/" }, { "reference_url": "https://usn.ubuntu.com/6632-1/", "reference_id": "USN-6632-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6632-1/" }, { "reference_url": "https://usn.ubuntu.com/6709-1/", "reference_id": "USN-6709-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6709-1/" }, { "reference_url": "https://usn.ubuntu.com/7018-1/", "reference_id": "USN-7018-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7018-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201327?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201326?format=api", "purl": "pkg:deb/debian/openssl@3.0.13-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.13-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201329?format=api", "purl": "pkg:deb/debian/openssl@3.1.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.1.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-0727", "GHSA-9v9h-cgj8-h64p" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yyrx-r985-fycc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87340?format=api", "vulnerability_id": "VCID-z16z-zg2a-8bga", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3508", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03123", "scoring_system": "epss", "scoring_elements": "0.87075", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139" }, { "reference_url": "https://usn.ubuntu.com/2308-1/", "reference_id": "USN-2308-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2308-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201272?format=api", "purl": "pkg:deb/debian/openssl@1.0.1i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3508" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z16z-zg2a-8bga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17196?format=api", "vulnerability_id": "VCID-znh8-j1ww-9yb4", "summary": "Improper Certificate Validation\nThe function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0466.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0466.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0466", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.75169", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0466" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T17:11:17Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T17:11:17Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T17:11:17Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T17:11:17Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061" }, { "reference_url": "https://www.openssl.org/news/secadv/20230328.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T17:11:17Z/" } ], "url": "https://www.openssl.org/news/secadv/20230328.txt" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034720", "reference_id": "1034720", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034720" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182565", "reference_id": "2182565", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182565" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466", "reference_id": "CVE-2023-0466", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T17:11:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230414-0001/", "reference_id": "ntap-20230414-0001", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T17:11:17Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230414-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3722", "reference_id": "RHSA-2023:3722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7622", "reference_id": "RHSA-2023:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7623", "reference_id": "RHSA-2023:7623", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7623" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7625", "reference_id": "RHSA-2023:7625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7626", "reference_id": "RHSA-2023:7626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7626" }, { "reference_url": "https://usn.ubuntu.com/6039-1/", "reference_id": "USN-6039-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6039-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201320?format=api", "purl": "pkg:deb/debian/openssl@1.1.1n-0%2Bdeb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201319?format=api", "purl": "pkg:deb/debian/openssl@3.0.9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-0466" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-znh8-j1ww-9yb4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102968?format=api", "vulnerability_id": "VCID-zq3g-57ww-8yck", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2106", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.68451", "scoring_system": "epss", "scoring_elements": "0.98634", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2106" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201612-16", "reference_id": "GLSA-201612-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-16" }, { "reference_url": "https://usn.ubuntu.com/2959-1/", "reference_id": "USN-2959-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2959-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201282?format=api", "purl": "pkg:deb/debian/openssl@1.0.2h-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2h-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2106" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zq3g-57ww-8yck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5003?format=api", "vulnerability_id": "VCID-zqrq-h7a6-g7ct", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2181", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24266", "scoring_system": "epss", "scoring_elements": "0.96187", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2181" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" }, { "reference_url": "https://usn.ubuntu.com/3087-1/", "reference_id": "USN-3087-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3087-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201284?format=api", "purl": "pkg:deb/debian/openssl@1.0.2i-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2i-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2181" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zqrq-h7a6-g7ct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87376?format=api", "vulnerability_id": "VCID-zuag-2c42-g3a7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3568", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04693", "scoring_system": "epss", "scoring_elements": "0.89522", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3568" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568" }, { "reference_url": "https://security.gentoo.org/glsa/201412-39", "reference_id": "GLSA-201412-39", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-39" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201273?format=api", "purl": "pkg:deb/debian/openssl@1.0.1j-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1j-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3568" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zuag-2c42-g3a7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/172351?format=api", "vulnerability_id": "VCID-zy7d-j4nm-a3hs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23839", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52821", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23839" }, { "reference_url": "https://www.openssl.org/news/secadv/20210216.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T19:19:45Z/" } ], "url": "https://www.openssl.org/news/secadv/20210216.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23839", "reference_id": "CVE-2021-23839", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23839" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210219-0009/", "reference_id": "ntap-20210219-0009", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T19:19:45Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210219-0009/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T19:19:45Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=30919ab80a478f2d81f2e9acdcca3fa4740cd547", "reference_id": "?p=openssl.git%3Ba=commitdiff%3Bh=30919ab80a478f2d81f2e9acdcca3fa4740cd547", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T19:19:45Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=30919ab80a478f2d81f2e9acdcca3fa4740cd547" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/201301?format=api", "purl": "pkg:deb/debian/openssl@1.0.0d-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.0d-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-23839" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zy7d-j4nm-a3hs" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }