Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/355152?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "type": "deb", "namespace": "debian", "name": "nss", "version": "2:3.110-1+deb13u1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2:3.110-1+deb13u2", "latest_non_vulnerable_version": "2:3.124-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56224?format=api", "vulnerability_id": "VCID-13wx-hrvm-ubf7", "summary": "nss: Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17007.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17007.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17007", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50893", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17007" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1703979", "reference_id": "1703979", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1703979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1951", "reference_id": "RHSA-2019:1951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1951" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2237", "reference_id": "RHSA-2019:2237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0876", "reference_id": "RHSA-2021:0876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0876" }, { "reference_url": "https://usn.ubuntu.com/4215-1/", "reference_id": "USN-4215-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4215-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355177?format=api", "purl": "pkg:deb/debian/nss@2:3.45-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.45-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-17007" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-13wx-hrvm-ubf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/997?format=api", "vulnerability_id": "VCID-1y2k-f5xt-j3cs", "summary": "An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0767.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0767.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48271", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377", "reference_id": "2170377", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "reference_url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html", "reference_id": "ALAS-2023-1992.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/" } ], "url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1252", "reference_id": "RHSA-2023:1252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1252" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1332", "reference_id": "RHSA-2023:1332", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1332" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1365", "reference_id": "RHSA-2023:1365", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1365" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1366", "reference_id": "RHSA-2023:1366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1366" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1368", "reference_id": "RHSA-2023:1368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1369", "reference_id": "RHSA-2023:1369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1370", "reference_id": "RHSA-2023:1370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1406", "reference_id": "RHSA-2023:1406", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1406" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1436", "reference_id": "RHSA-2023:1436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1442", "reference_id": "RHSA-2023:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1443", "reference_id": "RHSA-2023:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1444", "reference_id": "RHSA-2023:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1445", "reference_id": "RHSA-2023:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1472", "reference_id": "RHSA-2023:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1479", "reference_id": "RHSA-2023:1479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1677", "reference_id": "RHSA-2023:1677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1677" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1804640", "reference_id": "show_bug.cgi?id=1804640", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1804640" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" }, { "reference_url": "https://usn.ubuntu.com/5892-1/", "reference_id": "USN-5892-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5892-1/" }, { "reference_url": "https://usn.ubuntu.com/5892-2/", "reference_id": "USN-5892-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5892-2/" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355191?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-0767" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1y2k-f5xt-j3cs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2312?format=api", "vulnerability_id": "VCID-2b7j-hzma-nbfb", "summary": "Security researcher Kaspar Brand found a flaw in how the\nNetwork Security Services (NSS) ASN.1 decoder handles zero length items. Effects\nof this issue depend on the field. One known symptom is an unexploitable crash\nin handling OCSP responses. NSS also mishandles zero-length basic constraints,\nassuming default values for some types that should be rejected as malformed.\nThese issues have been addressed in NSS 3.13.4, which is now being used by\nMozilla.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0441.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0441.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0441", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03581", "scoring_system": "epss", "scoring_elements": "0.8794", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0441" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=827833", "reference_id": "827833", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=827833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0441", "reference_id": "CVE-2012-0441", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0441" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-39", "reference_id": "mfsa2012-39", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-39" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1090", "reference_id": "RHSA-2012:1090", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1090" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1091", "reference_id": "RHSA-2012:1091", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1091" }, { "reference_url": "https://usn.ubuntu.com/1463-1/", "reference_id": "USN-1463-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1463-1/" }, { "reference_url": "https://usn.ubuntu.com/1463-4/", "reference_id": "USN-1463-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1463-4/" }, { "reference_url": "https://usn.ubuntu.com/1463-6/", "reference_id": "USN-1463-6", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1463-6/" }, { "reference_url": "https://usn.ubuntu.com/1540-1/", "reference_id": "USN-1540-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1540-1/" }, { "reference_url": "https://usn.ubuntu.com/1540-2/", "reference_id": "USN-1540-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1540-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355156?format=api", "purl": "pkg:deb/debian/nss@3.13.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@3.13.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-0441" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2b7j-hzma-nbfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140?format=api", "vulnerability_id": "VCID-2tdh-tupa-23en", "summary": "NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5388.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5388.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5388", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47874", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5388" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5388" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1936", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1936" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2607", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2607" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2608", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2608" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2610", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2610" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2611", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2611" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2612", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2612" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2614", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2614" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2616" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056284", "reference_id": "1056284", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056284" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243644", "reference_id": "2243644", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243644" }, { "reference_url": "https://security.gentoo.org/glsa/202508-04", "reference_id": "GLSA-202508-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202508-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-12", "reference_id": "mfsa2024-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-12" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-12/", "reference_id": "mfsa2024-12", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-19T15:53:28Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-12/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-13", "reference_id": "mfsa2024-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-13/", "reference_id": "mfsa2024-13", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-19T15:53:28Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-14", "reference_id": "mfsa2024-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-14/", "reference_id": "mfsa2024-14", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-19T15:53:28Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-14/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-19T15:53:28Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html", "reference_id": "msg00028.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-19T15:53:28Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0093", "reference_id": "RHSA-2024:0093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0093" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0105", "reference_id": "RHSA-2024:0105", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0105" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0106", "reference_id": "RHSA-2024:0106", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0106" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0107", "reference_id": "RHSA-2024:0107", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0107" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0108", "reference_id": "RHSA-2024:0108", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0108" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1483", "reference_id": "RHSA-2024:1483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1484", "reference_id": "RHSA-2024:1484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1485", "reference_id": "RHSA-2024:1485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1486", "reference_id": "RHSA-2024:1486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1487", "reference_id": "RHSA-2024:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1488", "reference_id": "RHSA-2024:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1489", "reference_id": "RHSA-2024:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1490", "reference_id": "RHSA-2024:1490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1491", "reference_id": "RHSA-2024:1491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1492", "reference_id": "RHSA-2024:1492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1493", "reference_id": "RHSA-2024:1493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1494", "reference_id": "RHSA-2024:1494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1495", "reference_id": "RHSA-2024:1495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1496", "reference_id": "RHSA-2024:1496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1497", "reference_id": "RHSA-2024:1497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1498", "reference_id": "RHSA-2024:1498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1498" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1499", "reference_id": "RHSA-2024:1499", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1499" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1500", "reference_id": "RHSA-2024:1500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1500" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1780432", "reference_id": "show_bug.cgi?id=1780432", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-19T15:53:28Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1780432" }, { "reference_url": "https://usn.ubuntu.com/6703-1/", "reference_id": "USN-6703-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6703-1/" }, { "reference_url": "https://usn.ubuntu.com/6717-1/", "reference_id": "USN-6717-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6717-1/" }, { "reference_url": "https://usn.ubuntu.com/6727-1/", "reference_id": "USN-6727-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6727-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355193?format=api", "purl": "pkg:deb/debian/nss@2:3.98-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.98-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-5388" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2tdh-tupa-23en" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50861?format=api", "vulnerability_id": "VCID-2ypw-vkgz-77e5", "summary": "nss: Check length of inputs for cryptographic primitives", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17006.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17006.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17006", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03036", "scoring_system": "epss", "scoring_elements": "0.86896", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12402" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775916", "reference_id": "1775916", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775916" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3280", "reference_id": "RHSA-2020:3280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4076", "reference_id": "RHSA-2020:4076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0758", "reference_id": "RHSA-2021:0758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0876", "reference_id": "RHSA-2021:0876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1026", "reference_id": "RHSA-2021:1026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1026" }, { "reference_url": "https://usn.ubuntu.com/4231-1/", "reference_id": "USN-4231-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4231-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355179?format=api", "purl": "pkg:deb/debian/nss@2:3.47-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.47-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-17006" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ypw-vkgz-77e5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63381?format=api", "vulnerability_id": "VCID-3319-jstz-juhx", "summary": "nss: Null pointer dereference when handling empty SSLv2 messages", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7502.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7502.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7502", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01449", "scoring_system": "epss", "scoring_elements": "0.81077", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5461", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5461" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5462", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5462" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7502" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1446631", "reference_id": "1446631", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1446631" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863839", "reference_id": "863839", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1364", "reference_id": "RHSA-2017:1364", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1364" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1365", "reference_id": "RHSA-2017:1365", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1365" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1567", "reference_id": "RHSA-2017:1567", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1567" }, { "reference_url": "https://usn.ubuntu.com/3336-1/", "reference_id": "USN-3336-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3336-1/" }, { "reference_url": "https://usn.ubuntu.com/3372-1/", "reference_id": "USN-3372-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3372-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355172?format=api", "purl": "pkg:deb/debian/nss@2:3.26.2-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.26.2-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7502" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3319-jstz-juhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1563?format=api", "vulnerability_id": "VCID-3c4a-9z8y-vbec", "summary": "When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11719.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11719.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11719", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63398", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11719" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11719" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728436", "reference_id": "1728436", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728436" }, { "reference_url": "https://security.archlinux.org/ASA-201907-4", "reference_id": "ASA-201907-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201907-4" }, { "reference_url": "https://security.archlinux.org/AVG-1002", "reference_id": "AVG-1002", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1002" }, { "reference_url": "https://security.gentoo.org/glsa/201908-12", "reference_id": "GLSA-201908-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201908-12" }, { "reference_url": "https://security.gentoo.org/glsa/201908-20", "reference_id": "GLSA-201908-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201908-20" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-21", "reference_id": "mfsa2019-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-21" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-22", "reference_id": "mfsa2019-22", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-23", "reference_id": "mfsa2019-23", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-23" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-28", "reference_id": "mfsa2019-28", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-28" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1951", "reference_id": "RHSA-2019:1951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1951" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4076", "reference_id": "RHSA-2020:4076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://usn.ubuntu.com/4054-1/", "reference_id": "USN-4054-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4054-1/" }, { "reference_url": "https://usn.ubuntu.com/4060-1/", "reference_id": "USN-4060-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4060-1/" }, { "reference_url": "https://usn.ubuntu.com/4060-2/", "reference_id": "USN-4060-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4060-2/" }, { "reference_url": "https://usn.ubuntu.com/4064-1/", "reference_id": "USN-4064-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4064-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355177?format=api", "purl": "pkg:deb/debian/nss@2:3.45-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.45-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11719" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3c4a-9z8y-vbec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2088?format=api", "vulnerability_id": "VCID-3hvn-sszd-dqdg", "summary": "Mozilla community member Ambroz Bizjak reported an\nout-of-bounds array read in the CERT_DecodeCertPackage function of\nthe Network Security Services (NSS) library when decoding a certificate. When\nthis occurs, it will lead to memory corruption and a non-exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0791.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0791.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0791", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02678", "scoring_system": "epss", "scoring_elements": "0.86083", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0791" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=946947", "reference_id": "946947", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=946947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0791", "reference_id": "CVE-2013-0791", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0791" }, { "reference_url": "https://security.gentoo.org/glsa/201309-23", "reference_id": "GLSA-201309-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-23" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-40", "reference_id": "mfsa2013-40", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-40" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1135", "reference_id": "RHSA-2013:1135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1144", "reference_id": "RHSA-2013:1144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1181", "reference_id": "RHSA-2013:1181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1181" }, { "reference_url": "https://usn.ubuntu.com/1786-1/", "reference_id": "USN-1786-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1786-1/" }, { "reference_url": "https://usn.ubuntu.com/1791-1/", "reference_id": "USN-1791-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1791-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355157?format=api", "purl": "pkg:deb/debian/nss@2:3.14.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.14.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-0791" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3hvn-sszd-dqdg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/147?format=api", "vulnerability_id": "VCID-43xd-mvbk-jkhp", "summary": "An unchecked return value in TLS handshake code could have caused a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0743.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0743.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0743", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01571", "scoring_system": "epss", "scoring_elements": "0.81838", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5388" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1936", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1936" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2607", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2607" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2608", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2608" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2610", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2610" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2611", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2611" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2612", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2612" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2614", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2614" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2616" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260012", "reference_id": "2260012", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260012" }, { "reference_url": "https://security.gentoo.org/glsa/202402-26", "reference_id": "GLSA-202402-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-26" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-01", "reference_id": "mfsa2024-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-01/", "reference_id": "mfsa2024-01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-09T23:30:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-13", "reference_id": "mfsa2024-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-13/", "reference_id": "mfsa2024-13", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-09T23:30:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-14", "reference_id": "mfsa2024-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-14/", "reference_id": "mfsa2024-14", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-09T23:30:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-14/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00010.html", "reference_id": "msg00010.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-09T23:30:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00010.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-09T23:30:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html", "reference_id": "msg00028.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-09T23:30:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1483", "reference_id": "RHSA-2024:1483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1484", "reference_id": "RHSA-2024:1484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1485", "reference_id": "RHSA-2024:1485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1486", "reference_id": "RHSA-2024:1486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1487", "reference_id": "RHSA-2024:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1488", "reference_id": "RHSA-2024:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1489", "reference_id": "RHSA-2024:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1490", "reference_id": "RHSA-2024:1490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1491", "reference_id": "RHSA-2024:1491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1492", "reference_id": "RHSA-2024:1492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1493", "reference_id": "RHSA-2024:1493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1494", "reference_id": "RHSA-2024:1494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1495", "reference_id": "RHSA-2024:1495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1496", "reference_id": "RHSA-2024:1496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1497", "reference_id": "RHSA-2024:1497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1498", "reference_id": "RHSA-2024:1498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1498" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1499", "reference_id": "RHSA-2024:1499", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1499" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1500", "reference_id": "RHSA-2024:1500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1500" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1867408", "reference_id": "show_bug.cgi?id=1867408", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-09T23:30:55Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1867408" }, { "reference_url": "https://usn.ubuntu.com/6610-1/", "reference_id": "USN-6610-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6610-1/" }, { "reference_url": "https://usn.ubuntu.com/6717-1/", "reference_id": "USN-6717-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6717-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355196?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355195?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355197?format=api", "purl": "pkg:deb/debian/nss@2:3.96.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.96.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-0743" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-43xd-mvbk-jkhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/433?format=api", "vulnerability_id": "VCID-5dqq-xwr4-pbfv", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6767.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6767.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16629", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6767" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460086", "reference_id": "2460086", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460086" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:09:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-31/", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:09:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:09:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:09:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:09:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2023209", "reference_id": "show_bug.cgi?id=2023209", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:09:39Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2023209" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355203?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355202?format=api", "purl": "pkg:deb/debian/nss@2:3.123-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-6767" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5dqq-xwr4-pbfv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70233?format=api", "vulnerability_id": "VCID-67az-bzxs-5kes", "summary": "SSL/TLS: CBC padding timing attack (lucky-13)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0169.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0169.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0169", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00943", "scoring_system": "epss", "scoring_elements": "0.76584", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699885", "reference_id": "699885", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699885" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699888", "reference_id": "699888", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699888" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699889", "reference_id": "699889", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699889" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=907589", "reference_id": "907589", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=907589" }, { "reference_url": "https://security.gentoo.org/glsa/201310-10", "reference_id": "GLSA-201310-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-10" }, { "reference_url": "https://security.gentoo.org/glsa/201312-03", "reference_id": "GLSA-201312-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201312-03" }, { "reference_url": "https://security.gentoo.org/glsa/201401-30", "reference_id": "GLSA-201401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-30" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0273", "reference_id": "RHSA-2013:0273", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0273" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0274", "reference_id": "RHSA-2013:0274", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0274" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0275", "reference_id": "RHSA-2013:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0531", "reference_id": "RHSA-2013:0531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0532", "reference_id": "RHSA-2013:0532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0587", "reference_id": "RHSA-2013:0587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0636", "reference_id": "RHSA-2013:0636", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0636" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0782", "reference_id": "RHSA-2013:0782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0783", "reference_id": "RHSA-2013:0783", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0783" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0822", "reference_id": "RHSA-2013:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0823", "reference_id": "RHSA-2013:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0833", "reference_id": "RHSA-2013:0833", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0833" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0855", "reference_id": "RHSA-2013:0855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1013", "reference_id": "RHSA-2013:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1455", "reference_id": "RHSA-2013:1455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1456", "reference_id": "RHSA-2013:1456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0416", "reference_id": "RHSA-2014:0416", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0416" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4298", "reference_id": "RHSA-2020:4298", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4298" }, { "reference_url": "https://usn.ubuntu.com/1732-1/", "reference_id": "USN-1732-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1732-1/" }, { "reference_url": "https://usn.ubuntu.com/1732-3/", "reference_id": "USN-1732-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1732-3/" }, { "reference_url": "https://usn.ubuntu.com/1735-1/", "reference_id": "USN-1735-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1735-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355157?format=api", "purl": "pkg:deb/debian/nss@2:3.14.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.14.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-0169" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-67az-bzxs-5kes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3071?format=api", "vulnerability_id": "VCID-6edx-mm7m-p3hv", "summary": "Mozilla community member Watson Ladd reported that the\nimplementation of Elliptical Curve Cryptography (ECC) multiplication for\nElliptic Curve Digital Signature Algorithm (ECDSA) signature validation in\nNetwork Security Services (NSS) did not handle exceptional cases correctly. This\ncould potentially allow for signature forgery. This issue was fixed in NSS\nversion 3.19.1.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2730.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2730.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2730", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45562", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2730" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236954", "reference_id": "1236954", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2730", "reference_id": "CVE-2015-2730", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2730" }, { "reference_url": "https://security.gentoo.org/glsa/201512-10", "reference_id": "GLSA-201512-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201512-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-64", "reference_id": "mfsa2015-64", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-64" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1664", "reference_id": "RHSA-2015:1664", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1664" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1699", "reference_id": "RHSA-2015:1699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1699" }, { "reference_url": "https://usn.ubuntu.com/2656-1/", "reference_id": "USN-2656-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2656-1/" }, { "reference_url": "https://usn.ubuntu.com/2656-2/", "reference_id": "USN-2656-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2656-2/" }, { "reference_url": "https://usn.ubuntu.com/2672-1/", "reference_id": "USN-2672-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2672-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355165?format=api", "purl": "pkg:deb/debian/nss@2:3.19.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.19.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-2730" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6edx-mm7m-p3hv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1823?format=api", "vulnerability_id": "VCID-73hk-8ry1-cfdf", "summary": "After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22747.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22747.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22747", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34673", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22747" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039572", "reference_id": "2039572", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039572" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-01/", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:04:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-02/", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:04:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-03/", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:04:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-03/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0123", "reference_id": "RHSA-2022:0123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0124", "reference_id": "RHSA-2022:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0125", "reference_id": "RHSA-2022:0125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0126", "reference_id": "RHSA-2022:0126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0127", "reference_id": "RHSA-2022:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0128", "reference_id": "RHSA-2022:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0129", "reference_id": "RHSA-2022:0129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0130", "reference_id": "RHSA-2022:0130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0131", "reference_id": "RHSA-2022:0131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0132", "reference_id": "RHSA-2022:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0132" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1735028", "reference_id": "show_bug.cgi?id=1735028", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:04:07Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1735028" }, { "reference_url": "https://usn.ubuntu.com/5229-1/", "reference_id": "USN-5229-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5229-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" }, { "reference_url": "https://usn.ubuntu.com/5506-1/", "reference_id": "USN-5506-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5506-1/" }, { "reference_url": "https://usn.ubuntu.com/5872-1/", "reference_id": "USN-5872-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5872-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355188?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355186?format=api", "purl": "pkg:deb/debian/nss@2:3.73-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.73-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-22747" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-73hk-8ry1-cfdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1560?format=api", "vulnerability_id": "VCID-7qdp-s55r-xqhh", "summary": "Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11729.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11729.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11729", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67899", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11729" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728437", "reference_id": "1728437", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728437" }, { "reference_url": "https://security.archlinux.org/ASA-201907-4", "reference_id": "ASA-201907-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201907-4" }, { "reference_url": "https://security.archlinux.org/AVG-1002", "reference_id": "AVG-1002", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1002" }, { "reference_url": "https://security.gentoo.org/glsa/201908-12", "reference_id": "GLSA-201908-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201908-12" }, { "reference_url": "https://security.gentoo.org/glsa/201908-20", "reference_id": "GLSA-201908-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201908-20" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-21", "reference_id": "mfsa2019-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-21" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-22", "reference_id": "mfsa2019-22", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-23", "reference_id": "mfsa2019-23", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-23" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-28", "reference_id": "mfsa2019-28", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-28" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1951", "reference_id": "RHSA-2019:1951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1951" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4190", "reference_id": "RHSA-2019:4190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:4190" }, { "reference_url": "https://usn.ubuntu.com/4054-1/", "reference_id": "USN-4054-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4054-1/" }, { "reference_url": "https://usn.ubuntu.com/4060-1/", "reference_id": "USN-4060-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4060-1/" }, { "reference_url": "https://usn.ubuntu.com/4060-2/", "reference_id": "USN-4060-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4060-2/" }, { "reference_url": "https://usn.ubuntu.com/4064-1/", "reference_id": "USN-4064-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4064-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355177?format=api", "purl": "pkg:deb/debian/nss@2:3.45-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.45-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11729" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7qdp-s55r-xqhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46?format=api", "vulnerability_id": "VCID-7vub-2tme-ffbs", "summary": "Calling PK11_Encrypt() in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridge processor. In Firefox this only affects the QUIC header protection feature when the connection is using the ChaCha20-Poly1305 cipher suite. The most likely outcome is connection failure, but if the connection persists despite the high packet loss it could be possible for a network observer to identify packets as coming from the same source despite a network path change.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7531.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7531.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7531", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1954", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7531" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303148", "reference_id": "2303148", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303148" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-33/", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T16:06:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-34/", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T16:06:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-34/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-35/", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T16:06:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-35/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6839", "reference_id": "RHSA-2024:6839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6839" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1905691", "reference_id": "show_bug.cgi?id=1905691", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T16:06:38Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1905691" }, { "reference_url": "https://usn.ubuntu.com/6966-1/", "reference_id": "USN-6966-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6966-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355190?format=api", "purl": "pkg:deb/debian/nss@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355199?format=api", "purl": "pkg:deb/debian/nss@2:3.103-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.103-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-7531" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7vub-2tme-ffbs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/152?format=api", "vulnerability_id": "VCID-7yym-bd42-aydg", "summary": "When almost out-of-memory an elliptic curve key which was never allocated could have been freed again.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6609", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00572", "scoring_system": "epss", "scoring_elements": "0.68988", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6609" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-29/", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T19:02:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-32/", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T19:02:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1839258", "reference_id": "show_bug.cgi?id=1839258", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T19:02:00Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1839258" }, { "reference_url": "https://usn.ubuntu.com/6890-1/", "reference_id": "USN-6890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6890-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355196?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355195?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355198?format=api", "purl": "pkg:deb/debian/nss@2:3.101-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.101-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-6609" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7yym-bd42-aydg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57847?format=api", "vulnerability_id": "VCID-85ny-5axt-vkgq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12384.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12384.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12384", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00622", "scoring_system": "epss", "scoring_elements": "0.70424", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12384" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1622089", "reference_id": "1622089", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1622089" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908332", "reference_id": "908332", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908332" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2768", "reference_id": "RHSA-2018:2768", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2898", "reference_id": "RHSA-2018:2898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2898" }, { "reference_url": "https://usn.ubuntu.com/3850-1/", "reference_id": "USN-3850-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3850-1/" }, { "reference_url": "https://usn.ubuntu.com/3850-2/", "reference_id": "USN-3850-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3850-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355174?format=api", "purl": "pkg:deb/debian/nss@2:3.39-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.39-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-12384" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-85ny-5axt-vkgq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64373?format=api", "vulnerability_id": "VCID-86dx-a3mk-9yhx", "summary": "nss: small-subgroups attack flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8635.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8635.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8635", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00415", "scoring_system": "epss", "scoring_elements": "0.6191", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8635" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8635", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8635" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1391818", "reference_id": "1391818", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1391818" }, { "reference_url": "https://security.gentoo.org/glsa/201701-46", "reference_id": "GLSA-201701-46", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-46" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2779", "reference_id": "RHSA-2016:2779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2779" }, { "reference_url": "https://usn.ubuntu.com/3163-1/", "reference_id": "USN-3163-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3163-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355170?format=api", "purl": "pkg:deb/debian/nss@2:3.25-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.25-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-8635" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-86dx-a3mk-9yhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/537?format=api", "vulnerability_id": "VCID-8fqj-5gga-nfed", "summary": "An out-of-bounds write during Base64 decoding operation in the Network Security Services (NSS) library due to insufficient memory being allocated to the buffer. This results in a potentially exploitable crash. The NSS library has been updated to fix this issue to address this issue and Firefox 53 has been updated with NSS version 3.29.5.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5461.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5461.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5461", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.7003", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5461" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5429", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5429" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5432", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5432" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5433", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5433" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5435", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5435" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5436", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5436" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5438", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5438" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5439", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5439" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5440", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5440" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5441", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5441" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5442", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5442" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5444", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5444" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5445", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5445" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5446", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5446" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5459", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5459" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5461", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5461" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5462", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5462" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5464", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5464" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5465", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5465" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7502" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1440080", "reference_id": "1440080", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1440080" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862958", "reference_id": "862958", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862958" }, { "reference_url": "https://security.archlinux.org/ASA-201704-4", "reference_id": "ASA-201704-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201704-4" }, { "reference_url": "https://security.archlinux.org/ASA-201704-6", "reference_id": "ASA-201704-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201704-6" }, { "reference_url": "https://security.archlinux.org/ASA-201705-21", "reference_id": "ASA-201705-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201705-21" }, { "reference_url": "https://security.archlinux.org/AVG-247", "reference_id": "AVG-247", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-247" }, { "reference_url": "https://security.archlinux.org/AVG-248", "reference_id": "AVG-248", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-248" }, { "reference_url": "https://security.archlinux.org/AVG-249", "reference_id": "AVG-249", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-249" }, { "reference_url": "https://security.gentoo.org/glsa/201705-04", "reference_id": "GLSA-201705-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-04" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-10", "reference_id": "mfsa2017-10", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-11", "reference_id": "mfsa2017-11", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-12", "reference_id": "mfsa2017-12", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-12" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-13", "reference_id": "mfsa2017-13", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1100", "reference_id": "RHSA-2017:1100", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1101", "reference_id": "RHSA-2017:1101", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1101" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1102", "reference_id": "RHSA-2017:1102", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1102" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1103", "reference_id": "RHSA-2017:1103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1103" }, { "reference_url": "https://usn.ubuntu.com/3260-1/", "reference_id": "USN-3260-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3260-1/" }, { "reference_url": "https://usn.ubuntu.com/3270-1/", "reference_id": "USN-3270-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3270-1/" }, { "reference_url": "https://usn.ubuntu.com/3278-1/", "reference_id": "USN-3278-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3278-1/" }, { "reference_url": "https://usn.ubuntu.com/3372-1/", "reference_id": "USN-3372-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3372-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355172?format=api", "purl": "pkg:deb/debian/nss@2:3.26.2-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.26.2-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-5461" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8fqj-5gga-nfed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/564?format=api", "vulnerability_id": "VCID-8xmq-xuka-rudn", "summary": "A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox 53 has been updated with NSS version 3.29.5.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5462.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5462.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5462", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01072", "scoring_system": "epss", "scoring_elements": "0.78048", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5462" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5429", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5429" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5432", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5432" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5433", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5433" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5435", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5435" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5436", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5436" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5438", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5438" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5439", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5439" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5440", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5440" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5441", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5441" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5442", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5442" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5444", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5444" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5445", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5445" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5446", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5446" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5459", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5459" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5461", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5461" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5462", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5462" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5464", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5464" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5465", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5465" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7502" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443348", "reference_id": "1443348", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443348" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862958", "reference_id": "862958", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862958" }, { "reference_url": "https://security.gentoo.org/glsa/201705-04", "reference_id": "GLSA-201705-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-04" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-10", "reference_id": "mfsa2017-10", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-11", "reference_id": "mfsa2017-11", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-12", "reference_id": "mfsa2017-12", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-12" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-13", "reference_id": "mfsa2017-13", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-13" }, { "reference_url": "https://usn.ubuntu.com/3260-1/", "reference_id": "USN-3260-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3260-1/" }, { "reference_url": "https://usn.ubuntu.com/3278-1/", "reference_id": "USN-3278-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3278-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355172?format=api", "purl": "pkg:deb/debian/nss@2:3.26.2-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.26.2-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-5462" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8xmq-xuka-rudn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2755?format=api", "vulnerability_id": "VCID-8y3y-wqf8-23eg", "summary": "Mozilla developer Brian Smith and security researchers\nAntoine Delignat-Lavaud and Karthikeyan\nBhargavan of the Prosecco research team at INRIA Paris reported issues\nwith ticket handling in the Network Security Services (NSS) libraries. These\nhave been addressed in the NSS 3.15.4 release, shipping on affected platforms.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1490.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1490.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1490", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01567", "scoring_system": "epss", "scoring_elements": "0.81822", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1490" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060953", "reference_id": "1060953", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060953" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1490", "reference_id": "CVE-2014-1490", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1490" }, { "reference_url": "https://security.gentoo.org/glsa/201504-01", "reference_id": "GLSA-201504-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201504-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-12", "reference_id": "mfsa2014-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0917", "reference_id": "RHSA-2014:0917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1246", "reference_id": "RHSA-2014:1246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1246" }, { "reference_url": "https://usn.ubuntu.com/2102-1/", "reference_id": "USN-2102-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2102-1/" }, { "reference_url": "https://usn.ubuntu.com/2119-1/", "reference_id": "USN-2119-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2119-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355159?format=api", "purl": "pkg:deb/debian/nss@2:3.15.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.15.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-1490" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8y3y-wqf8-23eg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2944?format=api", "vulnerability_id": "VCID-9wd5-tsfw-eke4", "summary": "Security researcher Karthikeyan Bhargavan reported an issue\nin Network Security Services (NSS) where MD5 signatures in the server signature within the\nTLS 1.2 ServerKeyExchange message are still accepted. This is an issue since NSS has\nofficially disallowed the accepting MD5 as a hash algorithm in signatures since 2011. This\nissues exposes NSS based clients such as Firefox to theoretical collision-based forgery\nattacks. This issue was fixed in NSS version 3.20.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7575.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7575.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7575", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0107", "scoring_system": "epss", "scoring_elements": "0.78029", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7575" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1289841", "reference_id": "1289841", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1289841" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575", "reference_id": "CVE-2015-7575", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-46", "reference_id": "GLSA-201701-46", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-46" }, { "reference_url": "https://security.gentoo.org/glsa/201706-18", "reference_id": "GLSA-201706-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-18" }, { "reference_url": "https://security.gentoo.org/glsa/201801-15", "reference_id": "GLSA-201801-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201801-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-150", "reference_id": "mfsa2015-150", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0007", "reference_id": "RHSA-2016:0007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0008", "reference_id": "RHSA-2016:0008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0012", "reference_id": "RHSA-2016:0012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0049", "reference_id": "RHSA-2016:0049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0050", "reference_id": "RHSA-2016:0050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0053", "reference_id": "RHSA-2016:0053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0054", "reference_id": "RHSA-2016:0054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0055", "reference_id": "RHSA-2016:0055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0056", "reference_id": "RHSA-2016:0056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0098", "reference_id": "RHSA-2016:0098", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0099", "reference_id": "RHSA-2016:0099", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0100", "reference_id": "RHSA-2016:0100", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0101", "reference_id": "RHSA-2016:0101", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0101" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1430", "reference_id": "RHSA-2016:1430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "reference_url": "https://usn.ubuntu.com/2863-1/", "reference_id": "USN-2863-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2863-1/" }, { "reference_url": "https://usn.ubuntu.com/2864-1/", "reference_id": "USN-2864-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2864-1/" }, { "reference_url": "https://usn.ubuntu.com/2865-1/", "reference_id": "USN-2865-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2865-1/" }, { "reference_url": "https://usn.ubuntu.com/2866-1/", "reference_id": "USN-2866-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2866-1/" }, { "reference_url": "https://usn.ubuntu.com/2884-1/", "reference_id": "USN-2884-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2884-1/" }, { "reference_url": "https://usn.ubuntu.com/2904-1/", "reference_id": "USN-2904-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2904-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355167?format=api", "purl": "pkg:deb/debian/nss@2:3.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.21-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-7575" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9wd5-tsfw-eke4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70234?format=api", "vulnerability_id": "VCID-a5sf-mq4g-7fgh", "summary": "nss: TLS CBC padding timing attack", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1620.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1620.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1620", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00855", "scoring_system": "epss", "scoring_elements": "0.7526", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1620" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699888", "reference_id": "699888", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699888" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=908234", "reference_id": "908234", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908234" }, { "reference_url": "https://security.gentoo.org/glsa/201406-19", "reference_id": "GLSA-201406-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1135", "reference_id": "RHSA-2013:1135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1144", "reference_id": "RHSA-2013:1144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1181", "reference_id": "RHSA-2013:1181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1181" }, { "reference_url": "https://usn.ubuntu.com/1763-1/", "reference_id": "USN-1763-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1763-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355157?format=api", "purl": "pkg:deb/debian/nss@2:3.14.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.14.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-1620" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a5sf-mq4g-7fgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1134?format=api", "vulnerability_id": "VCID-bnkf-cbew-aqcj", "summary": "After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17023.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17023.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17023", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00894", "scoring_system": "epss", "scoring_elements": "0.75924", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12402" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791225", "reference_id": "1791225", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791225" }, { "reference_url": "https://security.archlinux.org/ASA-202001-1", "reference_id": "ASA-202001-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202001-1" }, { "reference_url": "https://security.archlinux.org/AVG-1084", "reference_id": "AVG-1084", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1084" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-01", "reference_id": "mfsa2020-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3280", "reference_id": "RHSA-2020:3280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4076", "reference_id": "RHSA-2020:4076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://usn.ubuntu.com/4234-1/", "reference_id": "USN-4234-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4234-1/" }, { "reference_url": "https://usn.ubuntu.com/4397-1/", "reference_id": "USN-4397-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4397-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355180?format=api", "purl": "pkg:deb/debian/nss@2:3.49-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.49-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-17023" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bnkf-cbew-aqcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1867?format=api", "vulnerability_id": "VCID-c3q5-juta-6qa5", "summary": "Mozilla has updated the version of Network Security Services\n(NSS) library used in Firefox to NSS 3.23. This addresses four moderate rated\nnetworking security issues reported by Mozilla engineers Tyson Smith and\nJed Davis.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2834.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2834.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2834", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60906", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2834" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347908", "reference_id": "1347908", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347908" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2834", "reference_id": "CVE-2016-2834", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2834" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-61", "reference_id": "mfsa2016-61", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-61" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2779", "reference_id": "RHSA-2016:2779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2779" }, { "reference_url": "https://usn.ubuntu.com/2993-1/", "reference_id": "USN-2993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2993-1/" }, { "reference_url": "https://usn.ubuntu.com/3029-1/", "reference_id": "USN-3029-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3029-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355169?format=api", "purl": "pkg:deb/debian/nss@2:3.23-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.23-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2834" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c3q5-juta-6qa5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1260?format=api", "vulnerability_id": "VCID-cg71-bce4-n3cm", "summary": "NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \\#7, or PKCS \\#12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. *Note: This vulnerability does NOT impact Mozilla Firefox.* However, email clients and PDF viewers that use NSS for signature verification, such as Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43527.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43527.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43527", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05243", "scoring_system": "epss", "scoring_elements": "0.90112", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43527" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024370", "reference_id": "2024370", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024370" }, { "reference_url": "https://security.archlinux.org/ASA-202112-3", "reference_id": "ASA-202112-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-3" }, { "reference_url": "https://security.archlinux.org/ASA-202112-4", "reference_id": "ASA-202112-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-4" }, { "reference_url": "https://security.archlinux.org/AVG-2596", "reference_id": "AVG-2596", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2596" }, { "reference_url": "https://security.archlinux.org/AVG-2597", "reference_id": "AVG-2597", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2597" }, { "reference_url": "https://security.gentoo.org/glsa/202212-05", "reference_id": "GLSA-202212-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-51", "reference_id": "mfsa2021-51", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-51" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4903", "reference_id": "RHSA-2021:4903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4904", "reference_id": "RHSA-2021:4904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4907", "reference_id": "RHSA-2021:4907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4909", "reference_id": "RHSA-2021:4909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4919", "reference_id": "RHSA-2021:4919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4919" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4932", "reference_id": "RHSA-2021:4932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4933", "reference_id": "RHSA-2021:4933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4946", "reference_id": "RHSA-2021:4946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4953", "reference_id": "RHSA-2021:4953", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4953" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4954", "reference_id": "RHSA-2021:4954", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4954" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4969", "reference_id": "RHSA-2021:4969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4994", "reference_id": "RHSA-2021:4994", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4994" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5006", "reference_id": "RHSA-2021:5006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5035", "reference_id": "RHSA-2021:5035", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5035" }, { "reference_url": "https://usn.ubuntu.com/5168-1/", "reference_id": "USN-5168-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5168-1/" }, { "reference_url": "https://usn.ubuntu.com/5168-2/", "reference_id": "USN-5168-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5168-2/" }, { "reference_url": "https://usn.ubuntu.com/5168-3/", "reference_id": "USN-5168-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5168-3/" }, { "reference_url": "https://usn.ubuntu.com/5168-4/", "reference_id": "USN-5168-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5168-4/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355187?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355186?format=api", "purl": "pkg:deb/debian/nss@2:3.73-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.73-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-43527" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cg71-bce4-n3cm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2697?format=api", "vulnerability_id": "VCID-crjp-qc36-wfb7", "summary": "Security researchers Tyson Smith and Jesse\nSchwartzentruber used the Address Sanitizer tool while fuzzing to\ndiscover a use-after-free error resulting in a crash. This is a result of a pair\nof NSSCertificate structures being added to a trust domain and then\none of them is removed while they are still in use by the trusted cache. This\ncrash is potentially exploitable.\nThis issue was addressed in the Network Security Services (NSS) library in version 3.16.2, \nshipping on affected platforms.In general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1544.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1544.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1544", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87343", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1544" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1116198", "reference_id": "1116198", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1116198" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544", "reference_id": "CVE-2014-1544", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544" }, { "reference_url": "https://security.gentoo.org/glsa/201504-01", "reference_id": "GLSA-201504-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201504-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-63", "reference_id": "mfsa2014-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-63" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0915", "reference_id": "RHSA-2014:0915", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0915" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0916", "reference_id": "RHSA-2014:0916", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0916" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0917", "reference_id": "RHSA-2014:0917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1165", "reference_id": "RHSA-2014:1165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1165" }, { "reference_url": "https://usn.ubuntu.com/2295-1/", "reference_id": "USN-2295-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2295-1/" }, { "reference_url": "https://usn.ubuntu.com/2296-1/", "reference_id": "USN-2296-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2296-1/" }, { "reference_url": "https://usn.ubuntu.com/2343-1/", "reference_id": "USN-2343-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2343-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355162?format=api", "purl": "pkg:deb/debian/nss@2:3.16.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.16.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-1544" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-crjp-qc36-wfb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2708?format=api", "vulnerability_id": "VCID-czk2-34xv-pbfr", "summary": "Antoine Delignat-Lavaud, security researcher at Inria Paris\nin team Prosecco, reported an issue in Network Security Services (NSS) libraries\naffecting all versions. He discovered that NSS is vulnerable to a variant of a\nsignature forgery attack previously published by Daniel Bleichenbacher. This is\ndue to lenient parsing of ASN.1 values involved in a signature and could lead to\nthe forging of RSA certificates.The Advanced Threat Research team at Intel Security also independently\ndiscovered and reported this issue.These have been addressed in the NSS releases shipping on affected Mozilla\nproducts:", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1568.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1568.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1568", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.336", "scoring_system": "epss", "scoring_elements": "0.97017", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1568" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1145429", "reference_id": "1145429", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1145429" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568", "reference_id": "CVE-2014-1568", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568" }, { "reference_url": "https://security.gentoo.org/glsa/201504-01", "reference_id": "GLSA-201504-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201504-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-73", "reference_id": "mfsa2014-73", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-73" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1307", "reference_id": "RHSA-2014:1307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1354", "reference_id": "RHSA-2014:1354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1371", "reference_id": "RHSA-2014:1371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1371" }, { "reference_url": "https://usn.ubuntu.com/2360-1/", "reference_id": "USN-2360-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2360-1/" }, { "reference_url": "https://usn.ubuntu.com/2360-2/", "reference_id": "USN-2360-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2360-2/" }, { "reference_url": "https://usn.ubuntu.com/2361-1/", "reference_id": "USN-2361-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2361-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355163?format=api", "purl": "pkg:deb/debian/nss@2:3.17.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.17.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-1568" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-czk2-34xv-pbfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46917?format=api", "vulnerability_id": "VCID-dfch-mh2w-5fgu", "summary": "nss: Information exposure when DH secret are reused across multiple TLS connections", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12413.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12413.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12413", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50577", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12413" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12413", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12413" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1877557", "reference_id": "1877557", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1877557" }, { "reference_url": "https://raccoon-attack.com/", "reference_id": "raccoon-attack.com", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-19T15:23:13Z/" } ], "url": "https://raccoon-attack.com/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2020-12413", "reference_id": "show_bug.cgi?id=CVE-2020-12413", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-19T15:23:13Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2020-12413" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355184?format=api", "purl": "pkg:deb/debian/nss@2:3.17-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.17-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-12413" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dfch-mh2w-5fgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47600?format=api", "vulnerability_id": "VCID-e6yt-xzqm-8qds", "summary": "nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12403.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12403.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12403", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72792", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12403" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12403", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12403" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868931", "reference_id": "1868931", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868931" }, { "reference_url": "https://security.gentoo.org/glsa/202008-08", "reference_id": "GLSA-202008-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202008-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4076", "reference_id": "RHSA-2020:4076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0538", "reference_id": "RHSA-2021:0538", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0758", "reference_id": "RHSA-2021:0758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0876", "reference_id": "RHSA-2021:0876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1026", "reference_id": "RHSA-2021:1026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1026" }, { "reference_url": "https://usn.ubuntu.com/4476-1/", "reference_id": "USN-4476-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4476-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355182?format=api", "purl": "pkg:deb/debian/nss@2:3.55-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.55-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-12403" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6yt-xzqm-8qds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1152?format=api", "vulnerability_id": "VCID-ebcw-tanv-sba9", "summary": "During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12401.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12401.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12401", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40355", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12401" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851294", "reference_id": "1851294", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851294" }, { "reference_url": "https://security.gentoo.org/glsa/202008-08", "reference_id": "GLSA-202008-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202008-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-36", "reference_id": "mfsa2020-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-36" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-39", "reference_id": "mfsa2020-39", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-39" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4076", "reference_id": "RHSA-2020:4076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0538", "reference_id": "RHSA-2021:0538", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://usn.ubuntu.com/4455-1/", "reference_id": "USN-4455-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4455-1/" }, { "reference_url": "https://usn.ubuntu.com/4474-1/", "reference_id": "USN-4474-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4474-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355182?format=api", "purl": "pkg:deb/debian/nss@2:3.55-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.55-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-12401" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ebcw-tanv-sba9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86?format=api", "vulnerability_id": "VCID-fgat-rwky-9kfd", "summary": "A mismatch between allocator and deallocator could have led to memory corruption.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6602.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6602.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6602", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73796", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296637", "reference_id": "2296637", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296637" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-29/", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-30", "reference_id": "mfsa2024-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-30/", "reference_id": "mfsa2024-30", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-31", "reference_id": "mfsa2024-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-31/", "reference_id": "mfsa2024-31", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-32/", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4625", "reference_id": "RHSA-2024:4625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4670", "reference_id": "RHSA-2024:4670", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4670" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4671", "reference_id": "RHSA-2024:4671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4717", "reference_id": "RHSA-2024:4717", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4717" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4718", "reference_id": "RHSA-2024:4718", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4718" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4894", "reference_id": "RHSA-2024:4894", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4894" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6839", "reference_id": "RHSA-2024:6839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6839" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1895032", "reference_id": "show_bug.cgi?id=1895032", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1895032" }, { "reference_url": "https://usn.ubuntu.com/6890-1/", "reference_id": "USN-6890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6890-1/" }, { "reference_url": "https://usn.ubuntu.com/6903-1/", "reference_id": "USN-6903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355196?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355195?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355198?format=api", "purl": "pkg:deb/debian/nss@2:3.101-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.101-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-6602" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fgat-rwky-9kfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/334?format=api", "vulnerability_id": "VCID-gk4z-t62t-bkha", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2781.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2781.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2781", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18203", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2781" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442292", "reference_id": "2442292", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442292" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-31/", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-31/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2009552", "reference_id": "show_bug.cgi?id=2009552", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2009552" }, { "reference_url": "https://usn.ubuntu.com/8071-1/", "reference_id": "USN-8071-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8071-1/" }, { "reference_url": "https://usn.ubuntu.com/8071-2/", "reference_id": "USN-8071-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8071-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355200?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355201?format=api", "purl": "pkg:deb/debian/nss@2:3.121-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.121-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-2781" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gk4z-t62t-bkha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1031?format=api", "vulnerability_id": "VCID-gxau-xxpj-fufj", "summary": "Multiple NSS NIST curves were susceptible to a side-channel attack known as \"Minerva\". This attack could potentially allow an attacker to recover the private key.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6135.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6135.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6135", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41448", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6135" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059054", "reference_id": "1059054", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059054" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249906", "reference_id": "2249906", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249906" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56", "reference_id": "mfsa2023-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-56/", "reference_id": "mfsa2023-56", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-27T18:59:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-56/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0785", "reference_id": "RHSA-2024:0785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0786", "reference_id": "RHSA-2024:0786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0790", "reference_id": "RHSA-2024:0790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0791", "reference_id": "RHSA-2024:0791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1686", "reference_id": "RHSA-2024:1686", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1686" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6782", "reference_id": "RHSA-2024:6782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6786", "reference_id": "RHSA-2024:6786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6839", "reference_id": "RHSA-2024:6839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6850", "reference_id": "RHSA-2024:6850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908", "reference_id": "show_bug.cgi?id=1853908", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-27T18:59:00Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908" }, { "reference_url": "https://usn.ubuntu.com/6562-1/", "reference_id": "USN-6562-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6562-1/" }, { "reference_url": "https://usn.ubuntu.com/6727-1/", "reference_id": "USN-6727-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6727-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355194?format=api", "purl": "pkg:deb/debian/nss@2:3.95-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.95-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-6135" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gxau-xxpj-fufj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1965?format=api", "vulnerability_id": "VCID-h76y-kvt6-ebfr", "summary": "Mozilla has updated the version of Network Security\nServices (NSS) library used in Mozilla projects to NSS 3.15.3 with the\nexception of ESR17-based releases, which have been updated to NSS 3.14.5. This\naddresses several moderate to critical rated networking security issues.Google developer Andrew Tinits reported a potentially\nexploitable buffer overflow that was fixed in both NSS 3.15.3 and NSS\n3.14.5.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5606.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5606.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5606", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00661", "scoring_system": "epss", "scoring_elements": "0.71486", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5606" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1031457", "reference_id": "1031457", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1031457" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735105", "reference_id": "735105", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735105" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5606", "reference_id": "CVE-2013-5606", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5606" }, { "reference_url": "https://security.gentoo.org/glsa/201406-19", "reference_id": "GLSA-201406-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-19" }, { "reference_url": "https://security.gentoo.org/glsa/201504-01", "reference_id": "GLSA-201504-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201504-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-103", "reference_id": "mfsa2013-103", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1791", "reference_id": "RHSA-2013:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1829", "reference_id": "RHSA-2013:1829", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1829" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0041", "reference_id": "RHSA-2014:0041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0041" }, { "reference_url": "https://usn.ubuntu.com/2030-1/", "reference_id": "USN-2030-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2030-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355160?format=api", "purl": "pkg:deb/debian/nss@2:3.15.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.15.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-5606" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h76y-kvt6-ebfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1074?format=api", "vulnerability_id": "VCID-hh1a-udhx-kfh4", "summary": "NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12399.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12399.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12399", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25575", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826177", "reference_id": "1826177", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826177" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961752", "reference_id": "961752", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961752" }, { "reference_url": "https://security.archlinux.org/ASA-202006-1", "reference_id": "ASA-202006-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202006-1" }, { "reference_url": "https://security.archlinux.org/ASA-202006-4", "reference_id": "ASA-202006-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202006-4" }, { "reference_url": "https://security.archlinux.org/AVG-1173", "reference_id": "AVG-1173", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1173" }, { "reference_url": "https://security.archlinux.org/AVG-1179", "reference_id": "AVG-1179", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1179" }, { "reference_url": "https://security.gentoo.org/glsa/202007-49", "reference_id": "GLSA-202007-49", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-20", "reference_id": "mfsa2020-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-20" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-21", "reference_id": "mfsa2020-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-21" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-22", "reference_id": "mfsa2020-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-22" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3280", "reference_id": "RHSA-2020:3280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3280" }, { "reference_url": "https://usn.ubuntu.com/4383-1/", "reference_id": "USN-4383-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4383-1/" }, { "reference_url": "https://usn.ubuntu.com/4397-1/", "reference_id": "USN-4397-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4397-1/" }, { "reference_url": "https://usn.ubuntu.com/4397-2/", "reference_id": "USN-4397-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4397-2/" }, { "reference_url": "https://usn.ubuntu.com/4421-1/", "reference_id": "USN-4421-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4421-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355181?format=api", "purl": "pkg:deb/debian/nss@2:3.53-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.53-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-12399" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hh1a-udhx-kfh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1620?format=api", "vulnerability_id": "VCID-hhrm-r6gt-zugj", "summary": "A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11727.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11727.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11727", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.47768", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11727" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11727", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11727" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730988", "reference_id": "1730988", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730988" }, { "reference_url": "https://security.archlinux.org/ASA-201907-4", "reference_id": "ASA-201907-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201907-4" }, { "reference_url": "https://security.archlinux.org/AVG-1002", "reference_id": "AVG-1002", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1002" }, { "reference_url": "https://security.gentoo.org/glsa/201908-12", "reference_id": "GLSA-201908-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201908-12" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-21", "reference_id": "mfsa2019-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-21" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-28", "reference_id": "mfsa2019-28", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-28" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1951", "reference_id": "RHSA-2019:1951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1951" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4076", "reference_id": "RHSA-2020:4076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://usn.ubuntu.com/4054-1/", "reference_id": "USN-4054-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4054-1/" }, { "reference_url": "https://usn.ubuntu.com/4060-1/", "reference_id": "USN-4060-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4060-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355177?format=api", "purl": "pkg:deb/debian/nss@2:3.45-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.45-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11727" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hhrm-r6gt-zugj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71605?format=api", "vulnerability_id": "VCID-hs89-asjt-xqdy", "summary": "nss: /pkcs11.txt and /secmod.db files read on initialization", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3640.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3640.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3640", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56923", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3640" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3640" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=647614", "reference_id": "647614", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=647614" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=748379", "reference_id": "748379", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=748379" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355155?format=api", "purl": "pkg:deb/debian/nss@3.13.1.with.ckbi.1.88-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@3.13.1.with.ckbi.1.88-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-3640" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hs89-asjt-xqdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/490?format=api", "vulnerability_id": "VCID-hvg5-cywn-yqhf", "summary": "During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current buffer, causing the allocation of a new buffer. This leaves a pointer pointing to the old, freed buffer, resulting in a use-after-free when handshake hashes are then calculated afterwards. This can result in a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7805.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7805.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7805", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03211", "scoring_system": "epss", "scoring_elements": "0.87248", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7810", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7810" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7814", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7814" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7818", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7818" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7823" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7824" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:C/I:C/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471171", "reference_id": "1471171", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471171" }, { "reference_url": "https://security.archlinux.org/ASA-201710-19", "reference_id": "ASA-201710-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-19" }, { "reference_url": "https://security.archlinux.org/AVG-441", "reference_id": "AVG-441", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-441" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://security.gentoo.org/glsa/201803-14", "reference_id": "GLSA-201803-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-21", "reference_id": "mfsa2017-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-21" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-22", "reference_id": "mfsa2017-22", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-23", "reference_id": "mfsa2017-23", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-23" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2832", "reference_id": "RHSA-2017:2832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2832" }, { "reference_url": "https://usn.ubuntu.com/3431-1/", "reference_id": "USN-3431-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3431-1/" }, { "reference_url": "https://usn.ubuntu.com/3435-1/", "reference_id": "USN-3435-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3435-1/" }, { "reference_url": "https://usn.ubuntu.com/3436-1/", "reference_id": "USN-3436-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3436-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355173?format=api", "purl": "pkg:deb/debian/nss@2:3.33-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.33-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7805" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hvg5-cywn-yqhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2746?format=api", "vulnerability_id": "VCID-j5xg-j8a3-d3fk", "summary": "Security researcher Christian Heimes reported that the Network Security\nServices (NSS) library does not handle IDNA domain prefixes according to RFC 6125 for wildcard\ncertificates. This leads to improper wildcard matching of domains when they\nshould not be matched in compliance with the specification. This issue was fixed\nin NSS version 3.16.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1492.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1492.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00829", "scoring_system": "epss", "scoring_elements": "0.74833", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1492" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1079851", "reference_id": "1079851", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1079851" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1492", "reference_id": "CVE-2014-1492", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1492" }, { "reference_url": "https://security.gentoo.org/glsa/201504-01", "reference_id": "GLSA-201504-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201504-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-45", "reference_id": "mfsa2014-45", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-45" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0917", "reference_id": "RHSA-2014:0917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1073", "reference_id": "RHSA-2014:1073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1246", "reference_id": "RHSA-2014:1246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1246" }, { "reference_url": "https://usn.ubuntu.com/2159-1/", "reference_id": "USN-2159-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2159-1/" }, { "reference_url": "https://usn.ubuntu.com/2185-1/", "reference_id": "USN-2185-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2185-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355161?format=api", "purl": "pkg:deb/debian/nss@2:3.16-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.16-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-1492" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j5xg-j8a3-d3fk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/432?format=api", "vulnerability_id": "VCID-jd6h-m6sm-xqbt", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6766.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6766.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6766", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15431", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6766" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6766", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6766" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460097", "reference_id": "2460097", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460097" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2023207", "reference_id": "show_bug.cgi?id=2023207", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2023207" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355203?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355202?format=api", "purl": "pkg:deb/debian/nss@2:3.123-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-6766" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jd6h-m6sm-xqbt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/219?format=api", "vulnerability_id": "VCID-k8ja-5uz5-zbhe", "summary": "An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services (NSS) 3.26.1.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9074.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9074.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9074", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79401", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396548", "reference_id": "1396548", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396548" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://security.gentoo.org/glsa/201701-46", "reference_id": "GLSA-201701-46", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-46" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90", "reference_id": "mfsa2016-90", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93", "reference_id": "mfsa2016-93", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93" }, { "reference_url": "https://usn.ubuntu.com/3163-1/", "reference_id": "USN-3163-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3163-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355171?format=api", "purl": "pkg:deb/debian/nss@2:3.26.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.26.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9074" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k8ja-5uz5-zbhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2173?format=api", "vulnerability_id": "VCID-kvg8-pa7m-2bfg", "summary": "Security researcher Richard Moore reported that\nwhen an SSL certificate was created with a common name containing a\nwildcard followed by a partial IP address a valid SSL connection could be\nestablished with a server whose IP address matched the wildcard range\nby browsing directly to the IP address. It is extremely unlikely that\nsuch a certificate would be issued by a Certificate Authority.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3170.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3170.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3170", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01158", "scoring_system": "epss", "scoring_elements": "0.7888", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3170" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=630047", "reference_id": "630047", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=630047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3170", "reference_id": "CVE-2010-3170", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3170" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-70", "reference_id": "mfsa2010-70", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-70" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0781", "reference_id": "RHSA-2010:0781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0782", "reference_id": "RHSA-2010:0782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0862", "reference_id": "RHSA-2010:0862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0862" }, { "reference_url": "https://usn.ubuntu.com/1007-1/", "reference_id": "USN-1007-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1007-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355154?format=api", "purl": "pkg:deb/debian/nss@3.12.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@3.12.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-3170" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kvg8-pa7m-2bfg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42036?format=api", "vulnerability_id": "VCID-m8vy-5me8-jfby", "summary": "nss: nss client auth crash without a user certificate in the database", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3479.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3479.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3479", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41754", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3479" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021786", "reference_id": "1021786", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021786" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134331", "reference_id": "2134331", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-26T16:06:39Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134331" }, { "reference_url": "https://security.gentoo.org/glsa/202212-05", "reference_id": "GLSA-202212-05", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-26T16:06:39Z/" } ], "url": "https://security.gentoo.org/glsa/202212-05" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1774654", "reference_id": "show_bug.cgi?id=1774654", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-26T16:06:39Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1774654" }, { "reference_url": "https://usn.ubuntu.com/5892-1/", "reference_id": "USN-5892-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5892-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355190?format=api", "purl": "pkg:deb/debian/nss@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355189?format=api", "purl": "pkg:deb/debian/nss@2:3.87-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-3479" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m8vy-5me8-jfby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65893?format=api", "vulnerability_id": "VCID-mbu2-e885-t7et", "summary": "SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0800.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0800.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0800", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.90348", "scoring_system": "epss", "scoring_elements": "0.99616", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0800" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310593", "reference_id": "1310593", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310593" }, { "reference_url": "https://security.gentoo.org/glsa/201603-15", "reference_id": "GLSA-201603-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0301", "reference_id": "RHSA-2016:0301", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0301" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0302", "reference_id": "RHSA-2016:0302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0303", "reference_id": "RHSA-2016:0303", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0304", "reference_id": "RHSA-2016:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0305", "reference_id": "RHSA-2016:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0306", "reference_id": "RHSA-2016:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0372", "reference_id": "RHSA-2016:0372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0379", "reference_id": "RHSA-2016:0379", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0379" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0445", "reference_id": "RHSA-2016:0445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0446", "reference_id": "RHSA-2016:0446", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0446" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0490", "reference_id": "RHSA-2016:0490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1519", "reference_id": "RHSA-2016:1519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1519" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355168?format=api", "purl": "pkg:deb/debian/nss@3.13?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@3.13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-0800" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mbu2-e885-t7et" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/437?format=api", "vulnerability_id": "VCID-mg3r-rr93-zuen", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6772.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6772.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6772", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17109", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6772" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460074", "reference_id": "2460074", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460074" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-31/", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2026089", "reference_id": "show_bug.cgi?id=2026089", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2026089" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355203?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355202?format=api", "purl": "pkg:deb/debian/nss@2:3.123-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-6772" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mg3r-rr93-zuen" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1905?format=api", "vulnerability_id": "VCID-mhmh-rxkf-3fbr", "summary": "Mozilla developer Tim Taubert used the Address Sanitizer tool and\nsoftware fuzzing to discover a use-after-free vulnerability while processing DER encoded\nkeys in the Network Security Services (NSS) libraries. The vulnerability overwrites the\nfreed memory with zeroes. This issue has been addressed in NSS 3.21.1, shipping in Firefox\n45.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1979.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1979.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1979", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00707", "scoring_system": "epss", "scoring_elements": "0.72473", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1979" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315202", "reference_id": "1315202", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315202" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979", "reference_id": "CVE-2016-1979", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-36", "reference_id": "mfsa2016-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0591", "reference_id": "RHSA-2016:0591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0684", "reference_id": "RHSA-2016:0684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0685", "reference_id": "RHSA-2016:0685", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0685" }, { "reference_url": "https://usn.ubuntu.com/2973-1/", "reference_id": "USN-2973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355167?format=api", "purl": "pkg:deb/debian/nss@2:3.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.21-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1979" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mhmh-rxkf-3fbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56702?format=api", "vulnerability_id": "VCID-nfx7-2cb9-6yhh", "summary": "nss: NULL pointer dereference in several CMS functions resulting in a denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18508.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18508.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18508", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00434", "scoring_system": "epss", "scoring_elements": "0.63095", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18508" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671310", "reference_id": "1671310", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671310" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921614", "reference_id": "921614", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921614" }, { "reference_url": "https://security.gentoo.org/glsa/202003-37", "reference_id": "GLSA-202003-37", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1951", "reference_id": "RHSA-2019:1951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1951" }, { "reference_url": "https://usn.ubuntu.com/3898-1/", "reference_id": "USN-3898-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3898-1/" }, { "reference_url": "https://usn.ubuntu.com/3898-2/", "reference_id": "USN-3898-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3898-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355176?format=api", "purl": "pkg:deb/debian/nss@2:3.42.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.42.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-18508" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nfx7-2cb9-6yhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2188?format=api", "vulnerability_id": "VCID-nhbn-aqde-vue5", "summary": "Mozilla cryptographer Nelson Bolyard reported that\nthe SSL implementation was permitting servers to use Diffie-Hellman\nEphemeral mode (DHE) with too short of a minimum key length. DHE keys\nof such lengths are trivially breakable on modern hardware so SSL\nservers operating in this mode were providing very little effective\nsecurity for their clients.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3173.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3173.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3173", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02315", "scoring_system": "epss", "scoring_elements": "0.85043", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3173" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=642302", "reference_id": "642302", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=642302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3173", "reference_id": "CVE-2010-3173", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3173" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-72", "reference_id": "mfsa2010-72", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-72" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0781", "reference_id": "RHSA-2010:0781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0782", "reference_id": "RHSA-2010:0782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0782" }, { "reference_url": "https://usn.ubuntu.com/1007-1/", "reference_id": "USN-1007-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1007-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355154?format=api", "purl": "pkg:deb/debian/nss@3.12.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@3.12.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-3173" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nhbn-aqde-vue5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1861?format=api", "vulnerability_id": "VCID-njme-jy8b-xuan", "summary": "Mozilla developer Eric Rescorla reported that a failed allocation during DHE and ECDHE handshakes would lead to a use-after-free vulnerability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1978.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1978.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1978", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02458", "scoring_system": "epss", "scoring_elements": "0.85482", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1978" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315565", "reference_id": "1315565", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978", "reference_id": "CVE-2016-1978", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-15", "reference_id": "mfsa2016-15", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0591", "reference_id": "RHSA-2016:0591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0684", "reference_id": "RHSA-2016:0684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0685", "reference_id": "RHSA-2016:0685", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0685" }, { "reference_url": "https://usn.ubuntu.com/2973-1/", "reference_id": "USN-2973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355167?format=api", "purl": "pkg:deb/debian/nss@2:3.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.21-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1978" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-njme-jy8b-xuan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1154?format=api", "vulnerability_id": "VCID-nmfg-j5e8-qqa5", "summary": "When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12400.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12400.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12400", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34763", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12400" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853983", "reference_id": "1853983", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853983" }, { "reference_url": "https://security.gentoo.org/glsa/202008-08", "reference_id": "GLSA-202008-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202008-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-36", "reference_id": "mfsa2020-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-36" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-39", "reference_id": "mfsa2020-39", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-39" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4076", "reference_id": "RHSA-2020:4076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0538", "reference_id": "RHSA-2021:0538", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://usn.ubuntu.com/4455-1/", "reference_id": "USN-4455-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4455-1/" }, { "reference_url": "https://usn.ubuntu.com/4474-1/", "reference_id": "USN-4474-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4474-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355182?format=api", "purl": "pkg:deb/debian/nss@2:3.55-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.55-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-12400" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nmfg-j5e8-qqa5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2928?format=api", "vulnerability_id": "VCID-pe1u-3mjs-rucx", "summary": "Security researcher Karthikeyan Bhargavan reported an issue\nin Network Security Services (NSS) where the client allows for a ECDHE_ECDSA\nexchange where the server does not send its ServerKeyExchange\nmessage instead of aborting the handshake. Instead, the NSS client will take the\nEC key from the ECDSA certificate. This violates the TLS protocol and also has\nsome security implications for forward secrecy. In this situation, the browser\nthinks it is engaged in an ECDHE exchange, but has been silently downgraded to a\nnon-forward secret mixed-ECDH exchange instead. As a result, if False\nStart is enabled, the browser will start sending data encrypted under\nthese non-forward-secret connection keys. This issue was fixed in NSS version\n3.19.1.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2721.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2721.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2721", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00511", "scoring_system": "epss", "scoring_elements": "0.66732", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2721" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236967", "reference_id": "1236967", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2721", "reference_id": "CVE-2015-2721", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2721" }, { "reference_url": "https://security.gentoo.org/glsa/201512-10", "reference_id": "GLSA-201512-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201512-10" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-46", "reference_id": "GLSA-201701-46", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-46" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-71", "reference_id": "mfsa2015-71", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-71" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1185", "reference_id": "RHSA-2015:1185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1664", "reference_id": "RHSA-2015:1664", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1664" }, { "reference_url": "https://usn.ubuntu.com/2656-1/", "reference_id": "USN-2656-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2656-1/" }, { "reference_url": "https://usn.ubuntu.com/2656-2/", "reference_id": "USN-2656-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2656-2/" }, { "reference_url": "https://usn.ubuntu.com/2672-1/", "reference_id": "USN-2672-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2672-1/" }, { "reference_url": "https://usn.ubuntu.com/2673-1/", "reference_id": "USN-2673-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2673-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355165?format=api", "purl": "pkg:deb/debian/nss@2:3.19.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.19.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-2721" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pe1u-3mjs-rucx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2654?format=api", "vulnerability_id": "VCID-q8zq-w7zs-h3gp", "summary": "Moxie Marlinspike reported a heap overflow vulnerability\nin the code that handles regular expressions in certificate names. This\nvulnerability could be used to compromise the browser and run arbitrary code\nby presenting a specially crafted certificate to the client. This code\nprovided compatibility with the non-standard regular expression syntax\nhistorically supported by Netscape clients and servers. With version 3.5\nFirefox switched to the more limited industry-standard wildcard syntax\ninstead and is not vulnerable to this flaw.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2404.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2404.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2404", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21024", "scoring_system": "epss", "scoring_elements": "0.9574", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2404" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=512912", "reference_id": "512912", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512912" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539934", "reference_id": "539934", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2404", "reference_id": "CVE-2009-2404", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2404" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-43", "reference_id": "mfsa2009-43", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-43" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1184", "reference_id": "RHSA-2009:1184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1185", "reference_id": "RHSA-2009:1185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1186", "reference_id": "RHSA-2009:1186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1186" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1190", "reference_id": "RHSA-2009:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1207", "reference_id": "RHSA-2009:1207", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1207" }, { "reference_url": "https://usn.ubuntu.com/810-1/", "reference_id": "USN-810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355148?format=api", "purl": "pkg:deb/debian/nss@3.12.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@3.12.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-2404" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q8zq-w7zs-h3gp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74192?format=api", "vulnerability_id": "VCID-qjw6-mxat-g7bc", "summary": "deprecate MD2 in SSL cert validation (Kaminsky)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2409.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2409.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2409", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02215", "scoring_system": "epss", "scoring_elements": "0.84745", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2409" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=510197", "reference_id": "510197", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=510197" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539895", "reference_id": "539895", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539895" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539899", "reference_id": "539899", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539899" }, { "reference_url": "https://security.gentoo.org/glsa/200911-02", "reference_id": "GLSA-200911-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200911-02" }, { "reference_url": "https://security.gentoo.org/glsa/200912-01", "reference_id": "GLSA-200912-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200912-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1184", "reference_id": "RHSA-2009:1184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1186", "reference_id": "RHSA-2009:1186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1186" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1190", "reference_id": "RHSA-2009:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1207", "reference_id": "RHSA-2009:1207", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1207" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1432", "reference_id": "RHSA-2009:1432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1560", "reference_id": "RHSA-2009:1560", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1571", "reference_id": "RHSA-2009:1571", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1571" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1584", "reference_id": "RHSA-2009:1584", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1584" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1662", "reference_id": "RHSA-2009:1662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0054", "reference_id": "RHSA-2010:0054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0054" }, { "reference_url": "https://usn.ubuntu.com/809-1/", "reference_id": "USN-809-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/809-1/" }, { "reference_url": "https://usn.ubuntu.com/810-1/", "reference_id": "USN-810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/810-1/" }, { "reference_url": "https://usn.ubuntu.com/830-1/", "reference_id": "USN-830-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/830-1/" }, { "reference_url": "https://usn.ubuntu.com/859-1/", "reference_id": "USN-859-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/859-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355148?format=api", "purl": "pkg:deb/debian/nss@3.12.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@3.12.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-2409" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qjw6-mxat-g7bc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57247?format=api", "vulnerability_id": "VCID-qmg4-n3mr-pkbg", "summary": "nss: Cache side-channel variant of the Bleichenbacher attack", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12404.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12404.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12404", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12783", "scoring_system": "epss", "scoring_elements": "0.94125", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12404" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1657913", "reference_id": "1657913", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1657913" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2237", "reference_id": "RHSA-2019:2237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2237" }, { "reference_url": "https://usn.ubuntu.com/3850-1/", "reference_id": "USN-3850-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3850-1/" }, { "reference_url": "https://usn.ubuntu.com/3850-2/", "reference_id": "USN-3850-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3850-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355175?format=api", "purl": "pkg:deb/debian/nss@2:3.41-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.41-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-12404" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qmg4-n3mr-pkbg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1983?format=api", "vulnerability_id": "VCID-qynd-jtrm-p7bd", "summary": "Mozilla developers identified and fixed several memory safety bugs in the\nbrowser engine used in Firefox and other Mozilla-based products. Some of these\nbugs showed evidence of memory corruption under certain circumstances, and we\npresume that with enough effort at least some of these could be exploited to run\narbitrary code.In general these flaws cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1739.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1739.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1739", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03954", "scoring_system": "epss", "scoring_elements": "0.88552", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1739" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1012740", "reference_id": "1012740", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1012740" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726473", "reference_id": "726473", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1739", "reference_id": "CVE-2013-1739", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1739" }, { "reference_url": "https://security.gentoo.org/glsa/201406-19", "reference_id": "GLSA-201406-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-93", "reference_id": "mfsa2013-93", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-93" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1791", "reference_id": "RHSA-2013:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1829", "reference_id": "RHSA-2013:1829", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1829" }, { "reference_url": "https://usn.ubuntu.com/2009-1/", "reference_id": "USN-2009-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2009-1/" }, { "reference_url": "https://usn.ubuntu.com/2010-1/", "reference_id": "USN-2010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2010-1/" }, { "reference_url": "https://usn.ubuntu.com/2030-1/", "reference_id": "USN-2030-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2030-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355158?format=api", "purl": "pkg:deb/debian/nss@2:3.15.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.15.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-1739" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qynd-jtrm-p7bd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64315?format=api", "vulnerability_id": "VCID-rgxy-53sw-mqdv", "summary": "nss: Remote DoS during session handshake when using SessionTicket extention and ECDHE-ECDSA", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9574.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9574.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9574", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.39927", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9574" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9574", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9574" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404568", "reference_id": "1404568", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404568" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355170?format=api", "purl": "pkg:deb/debian/nss@2:3.25-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.25-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9574" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rgxy-53sw-mqdv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1581?format=api", "vulnerability_id": "VCID-s26k-d91c-6kbj", "summary": "When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11745.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11745.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11745", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00939", "scoring_system": "epss", "scoring_elements": "0.76536", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17007" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774831", "reference_id": "1774831", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774831" }, { "reference_url": "https://security.archlinux.org/ASA-201912-1", "reference_id": "ASA-201912-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201912-1" }, { "reference_url": "https://security.archlinux.org/ASA-201912-2", "reference_id": "ASA-201912-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201912-2" }, { "reference_url": "https://security.archlinux.org/AVG-1071", "reference_id": "AVG-1071", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1071" }, { "reference_url": "https://security.archlinux.org/AVG-1072", "reference_id": "AVG-1072", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1072" }, { "reference_url": "https://security.gentoo.org/glsa/202003-02", "reference_id": "GLSA-202003-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-02" }, { "reference_url": "https://security.gentoo.org/glsa/202003-10", "reference_id": "GLSA-202003-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-10" }, { "reference_url": "https://security.gentoo.org/glsa/202003-37", "reference_id": "GLSA-202003-37", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-37" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-36", "reference_id": "mfsa2019-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-36" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-37", "reference_id": "mfsa2019-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-37" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-38", "reference_id": "mfsa2019-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-38" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4114", "reference_id": "RHSA-2019:4114", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:4114" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4152", "reference_id": "RHSA-2019:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4190", "reference_id": "RHSA-2019:4190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:4190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0243", "reference_id": "RHSA-2020:0243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0466", "reference_id": "RHSA-2020:0466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1267", "reference_id": "RHSA-2020:1267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1345", "reference_id": "RHSA-2020:1345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1345" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1461", "reference_id": "RHSA-2020:1461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1461" }, { "reference_url": "https://usn.ubuntu.com/4203-1/", "reference_id": "USN-4203-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4203-1/" }, { "reference_url": "https://usn.ubuntu.com/4203-2/", "reference_id": "USN-4203-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4203-2/" }, { "reference_url": "https://usn.ubuntu.com/4216-1/", "reference_id": "USN-4216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4216-1/" }, { "reference_url": "https://usn.ubuntu.com/4216-2/", "reference_id": "USN-4216-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4216-2/" }, { "reference_url": "https://usn.ubuntu.com/4241-1/", "reference_id": "USN-4241-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4241-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355178?format=api", "purl": "pkg:deb/debian/nss@2:3.47.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.47.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11745" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s26k-d91c-6kbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1964?format=api", "vulnerability_id": "VCID-s6kg-u7qf-v7eh", "summary": "Mozilla has updated the version of Network Security\nServices (NSS) library used in Mozilla projects to NSS 3.15.3 with the\nexception of ESR17-based releases, which have been updated to NSS 3.14.5. This\naddresses several moderate to critical rated networking security issues.Google developer Andrew Tinits reported a potentially\nexploitable buffer overflow that was fixed in both NSS 3.15.3 and NSS\n3.14.5.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5605.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5605.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5605", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0279", "scoring_system": "epss", "scoring_elements": "0.86332", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5605" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1030807", "reference_id": "1030807", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1030807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5605", "reference_id": "CVE-2013-5605", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5605" }, { "reference_url": "https://security.gentoo.org/glsa/201406-19", "reference_id": "GLSA-201406-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-19" }, { "reference_url": "https://security.gentoo.org/glsa/201504-01", "reference_id": "GLSA-201504-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201504-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-103", "reference_id": "mfsa2013-103", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1791", "reference_id": "RHSA-2013:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1829", "reference_id": "RHSA-2013:1829", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1829" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1840", "reference_id": "RHSA-2013:1840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1841", "reference_id": "RHSA-2013:1841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0041", "reference_id": "RHSA-2014:0041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0041" }, { "reference_url": "https://usn.ubuntu.com/2030-1/", "reference_id": "USN-2030-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2030-1/" }, { "reference_url": "https://usn.ubuntu.com/2031-1/", "reference_id": "USN-2031-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2031-1/" }, { "reference_url": "https://usn.ubuntu.com/2032-1/", "reference_id": "USN-2032-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2032-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355160?format=api", "purl": "pkg:deb/debian/nss@2:3.15.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.15.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-5605" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s6kg-u7qf-v7eh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1966?format=api", "vulnerability_id": "VCID-sty3-c143-efb2", "summary": "Mozilla has updated the version of Network Security\nServices (NSS) library used in Mozilla projects to NSS 3.15.3 with the\nexception of ESR17-based releases, which have been updated to NSS 3.14.5. This\naddresses several moderate to critical rated networking security issues.Google developer Andrew Tinits reported a potentially\nexploitable buffer overflow that was fixed in both NSS 3.15.3 and NSS\n3.14.5.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1741.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1741.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1741", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02604", "scoring_system": "epss", "scoring_elements": "0.85871", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1741" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1031458", "reference_id": "1031458", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1031458" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735105", "reference_id": "735105", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735105" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1741", "reference_id": "CVE-2013-1741", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1741" }, { "reference_url": "https://security.gentoo.org/glsa/201406-19", "reference_id": "GLSA-201406-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-19" }, { "reference_url": "https://security.gentoo.org/glsa/201504-01", "reference_id": "GLSA-201504-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201504-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-103", "reference_id": "mfsa2013-103", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1791", "reference_id": "RHSA-2013:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1829", "reference_id": "RHSA-2013:1829", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1829" }, { "reference_url": "https://usn.ubuntu.com/2030-1/", "reference_id": "USN-2030-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2030-1/" }, { "reference_url": "https://usn.ubuntu.com/2031-1/", "reference_id": "USN-2031-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2031-1/" }, { "reference_url": "https://usn.ubuntu.com/2032-1/", "reference_id": "USN-2032-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2032-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355160?format=api", "purl": "pkg:deb/debian/nss@2:3.15.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.15.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-1741" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sty3-c143-efb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46693?format=api", "vulnerability_id": "VCID-t8zp-v52s-abgk", "summary": "nss: TLS 1.3 CCS flood remote DoS Attack", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25648.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25648.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25648", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27013", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25648" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25648", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25648" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887319", "reference_id": "1887319", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887319" }, { "reference_url": "https://security.gentoo.org/glsa/202012-21", "reference_id": "GLSA-202012-21", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202012-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1384", "reference_id": "RHSA-2021:1384", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1384" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3572", "reference_id": "RHSA-2021:3572", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3572" }, { "reference_url": "https://usn.ubuntu.com/5410-1/", "reference_id": "USN-5410-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5410-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355185?format=api", "purl": "pkg:deb/debian/nss@2:3.58-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.58-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-25648" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t8zp-v52s-abgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1026?format=api", "vulnerability_id": "VCID-tk6s-jge5-tfdk", "summary": "The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mounting Bleichenbacher-like attacks.\nBoth the overall correctness of the padding as well as the length of the encrypted message was leaking through timing side-channel.\nBy sending large number of attacker-selected ciphertexts, the attacker would be able to decrypt a previously intercepted PKCS#1 v1.5 ciphertext (for example, to decrypt a TLS session that used RSA key exchange), or forge a signature using the victim's key.\nThe issue was fixed by implementing the implicit rejection algorithm, in which the NSS returns a deterministic random message in case invalid padding is detected, as proposed in the Marvin Attack paper.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4421.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4421.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4421", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00224", "scoring_system": "epss", "scoring_elements": "0.4516", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4421" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4421" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238677", "reference_id": "2238677", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238677" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-53", "reference_id": "mfsa2023-53", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-53" }, { "reference_url": "https://usn.ubuntu.com/6727-1/", "reference_id": "USN-6727-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6727-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355192?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-4421" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tk6s-jge5-tfdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2914?format=api", "vulnerability_id": "VCID-tkpu-fc1n-5ya3", "summary": "Security researcher Matthew Green reported a Diffie–Hellman\n(DHE) key processing issue in Network Security Services (NSS) where a\nman-in-the-middle (MITM) attacker can force a server to downgrade TLS\nconnections to 512-bit export-grade cryptography by modifying client\nrequests to include only export-grade cipher suites. The resulting\nweak key can then be leveraged to impersonate the server. This attack\nis detailed in the \"Imperfect Forward\nSecrecy: How Diffie-Hellman Fails in Practice\" paper and is known as the\n\"Logjam Attack.\"This issue was fixed in NSS version 3.19.1 by limiting the lower strength of\nsupported DHE keys to use 1023 bit primes.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4000.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4000.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4000", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.93289", "scoring_system": "epss", "scoring_elements": "0.99815", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4000" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:C/I:C/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1032474", "reference_id": "1032474", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032474" }, { "reference_url": "http://www.securitytracker.com/id/1032475", "reference_id": "1032475", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032475" }, { "reference_url": "http://www.securitytracker.com/id/1032476", "reference_id": "1032476", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032476" }, { "reference_url": "http://www.securitytracker.com/id/1032637", "reference_id": "1032637", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032637" }, { "reference_url": "http://www.securitytracker.com/id/1032645", "reference_id": "1032645", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032645" }, { "reference_url": "http://www.securitytracker.com/id/1032647", "reference_id": "1032647", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032647" }, { "reference_url": "http://www.securitytracker.com/id/1032648", "reference_id": "1032648", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032648" }, { "reference_url": "http://www.securitytracker.com/id/1032649", "reference_id": "1032649", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032649" }, { "reference_url": "http://www.securitytracker.com/id/1032650", "reference_id": "1032650", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032650" }, { "reference_url": "http://www.securitytracker.com/id/1032651", "reference_id": "1032651", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032651" }, { "reference_url": "http://www.securitytracker.com/id/1032652", "reference_id": "1032652", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032652" }, { "reference_url": "http://www.securitytracker.com/id/1032653", "reference_id": "1032653", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032653" }, { "reference_url": "http://www.securitytracker.com/id/1032654", "reference_id": "1032654", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032654" }, { "reference_url": "http://www.securitytracker.com/id/1032655", "reference_id": "1032655", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032655" }, { "reference_url": "http://www.securitytracker.com/id/1032656", "reference_id": "1032656", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032656" }, { "reference_url": "http://www.securitytracker.com/id/1032688", "reference_id": "1032688", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032688" }, { "reference_url": "http://www.securitytracker.com/id/1032699", "reference_id": "1032699", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032699" }, { "reference_url": "http://www.securitytracker.com/id/1032702", "reference_id": "1032702", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032702" }, { "reference_url": "http://www.securitytracker.com/id/1032727", "reference_id": "1032727", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032727" }, { "reference_url": "http://www.securitytracker.com/id/1032759", "reference_id": "1032759", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032759" }, { "reference_url": "http://www.securitytracker.com/id/1032777", "reference_id": "1032777", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032777" }, { "reference_url": "http://www.securitytracker.com/id/1032778", "reference_id": "1032778", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032778" }, { "reference_url": "http://www.securitytracker.com/id/1032783", "reference_id": "1032783", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032783" }, { "reference_url": "http://www.securitytracker.com/id/1032784", "reference_id": "1032784", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032784" }, { "reference_url": "http://www.securitytracker.com/id/1032856", "reference_id": "1032856", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032856" }, { "reference_url": "http://www.securitytracker.com/id/1032864", "reference_id": "1032864", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032864" }, { "reference_url": "http://www.securitytracker.com/id/1032865", "reference_id": "1032865", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032865" }, { "reference_url": "http://www.securitytracker.com/id/1032871", "reference_id": "1032871", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032871" }, { "reference_url": "http://www.securitytracker.com/id/1032884", "reference_id": "1032884", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032884" }, { "reference_url": "http://www.securitytracker.com/id/1032910", "reference_id": "1032910", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032910" }, { "reference_url": "http://www.securitytracker.com/id/1032932", "reference_id": "1032932", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032932" }, { "reference_url": "http://www.securitytracker.com/id/1032960", "reference_id": "1032960", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1032960" }, { "reference_url": "http://www.securitytracker.com/id/1033019", "reference_id": "1033019", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033019" }, { "reference_url": "http://www.securitytracker.com/id/1033064", "reference_id": "1033064", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033064" }, { "reference_url": "http://www.securitytracker.com/id/1033065", "reference_id": "1033065", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033065" }, { "reference_url": "http://www.securitytracker.com/id/1033067", "reference_id": "1033067", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033067" }, { "reference_url": "http://www.securitytracker.com/id/1033208", "reference_id": "1033208", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033208" }, { "reference_url": "http://www.securitytracker.com/id/1033209", "reference_id": "1033209", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033209" }, { "reference_url": "http://www.securitytracker.com/id/1033210", "reference_id": "1033210", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033210" }, { "reference_url": "http://www.securitytracker.com/id/1033222", "reference_id": "1033222", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033222" }, { "reference_url": "http://www.securitytracker.com/id/1033341", "reference_id": "1033341", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033341" }, { "reference_url": "http://www.securitytracker.com/id/1033385", "reference_id": "1033385", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033385" }, { "reference_url": "http://www.securitytracker.com/id/1033416", "reference_id": "1033416", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033416" }, { "reference_url": "http://www.securitytracker.com/id/1033430", "reference_id": "1033430", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033430" }, { "reference_url": "http://www.securitytracker.com/id/1033433", "reference_id": "1033433", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033433" }, { "reference_url": "http://www.securitytracker.com/id/1033513", "reference_id": "1033513", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033513" }, { "reference_url": "http://www.securitytracker.com/id/1033760", "reference_id": "1033760", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033760" }, { "reference_url": "http://www.securitytracker.com/id/1033891", "reference_id": "1033891", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033891" }, { "reference_url": "http://www.securitytracker.com/id/1033991", "reference_id": "1033991", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1033991" }, { "reference_url": "http://www.securitytracker.com/id/1034087", "reference_id": "1034087", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1034087" }, { "reference_url": "http://www.securitytracker.com/id/1034728", "reference_id": "1034728", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1034728" }, { "reference_url": "http://www.securitytracker.com/id/1034884", "reference_id": "1034884", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1034884" }, { "reference_url": "http://www.securitytracker.com/id/1036218", "reference_id": "1036218", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1036218" }, { "reference_url": "http://www.securitytracker.com/id/1040630", "reference_id": "1040630", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securitytracker.com/id/1040630" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1223211", "reference_id": "1223211", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1223211" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html", "reference_id": "159314.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.html", "reference_id": "159351.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.html", "reference_id": "160117.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.html" }, { "reference_url": "http://www.fortiguard.com/advisory/2015-05-20-logjam-attack", "reference_id": "2015-05-20-logjam-attack", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.fortiguard.com/advisory/2015-05-20-logjam-attack" }, { "reference_url": "https://openssl.org/news/secadv/20150611.txt", "reference_id": "20150611.txt", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://openssl.org/news/secadv/20150611.txt" }, { "reference_url": "http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery", "reference_id": "2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery" }, { "reference_url": "http://www.securityfocus.com/bid/74733", "reference_id": "74733", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securityfocus.com/bid/74733" }, { "reference_url": "http://openwall.com/lists/oss-security/2015/05/20/8", "reference_id": "8", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://openwall.com/lists/oss-security/2015/05/20/8" }, { "reference_url": "http://www.securityfocus.com/bid/91787", "reference_id": "91787", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.securityfocus.com/bid/91787" }, { "reference_url": "http://support.citrix.com/article/CTX201114", "reference_id": "CTX201114", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://support.citrix.com/article/CTX201114" }, { "reference_url": "https://support.citrix.com/article/CTX216642", "reference_id": "CTX216642", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://support.citrix.com/article/CTX216642" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000", "reference_id": "CVE-2015-4000", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000" }, { "reference_url": "https://puppet.com/security/cve/CVE-2015-4000", "reference_id": "CVE-2015-4000", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://puppet.com/security/cve/CVE-2015-4000" }, { "reference_url": "https://www.suse.com/security/cve/CVE-2015-4000.html", "reference_id": "CVE-2015-4000.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://www.suse.com/security/cve/CVE-2015-4000.html" }, { "reference_url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196", "reference_id": "display?docId=emr_na-c04718196", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196" }, { "reference_url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402", "reference_id": "display?docId=emr_na-c04876402", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402" }, { "reference_url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778", "reference_id": "display?docId=emr_na-c04949778", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us", "reference_id": "display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527", "reference_id": "docDisplay?docId=emr_na-c04740527", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527" }, { "reference_url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140", "reference_id": "docDisplay?docId=emr_na-c04770140", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140" }, { "reference_url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190", "reference_id": "docDisplay?docId=emr_na-c04772190", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190" }, { "reference_url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119", "reference_id": "docDisplay?docId=emr_na-c04773119", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119" }, { "reference_url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241", "reference_id": "docDisplay?docId=emr_na-c04773241", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241" }, { "reference_url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246", "reference_id": "docDisplay?docId=emr_na-c04832246", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246" }, { "reference_url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839", "reference_id": "docDisplay?docId=emr_na-c04918839", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839" }, { "reference_url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929", "reference_id": "docDisplay?docId=emr_na-c04923929", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929" }, { "reference_url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789", "reference_id": "docDisplay?docId=emr_na-c04926789", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655", "reference_id": "docDisplay?docId=emr_na-c04953655", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763", "reference_id": "docDisplay?docId=emr_na-c05045763", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722", "reference_id": "docDisplay?docId=emr_na-c05128722", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083", "reference_id": "docDisplay?docId=emr_na-c05193083", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083" }, { "reference_url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403", "reference_id": "docdisplay?lndocid=MIGR-5098403", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403" }, { "reference_url": "http://www-304.ibm.com/support/docview.wss?uid=swg21958984", "reference_id": "docview.wss?uid=swg21958984", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21958984" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959111", "reference_id": "docview.wss?uid=swg21959111", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959111" }, { "reference_url": "http://www-304.ibm.com/support/docview.wss?uid=swg21959132", "reference_id": "docview.wss?uid=swg21959132", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21959132" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959195", "reference_id": "docview.wss?uid=swg21959195", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959195" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959325", "reference_id": "docview.wss?uid=swg21959325", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959325" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959453", "reference_id": "docview.wss?uid=swg21959453", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959453" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959481", "reference_id": "docview.wss?uid=swg21959481", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959481" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959517", "reference_id": "docview.wss?uid=swg21959517", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959517" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959530", "reference_id": "docview.wss?uid=swg21959530", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959530" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959539", "reference_id": "docview.wss?uid=swg21959539", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959539" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959636", "reference_id": "docview.wss?uid=swg21959636", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959636" }, { "reference_url": "https://www-304.ibm.com/support/docview.wss?uid=swg21959745", "reference_id": "docview.wss?uid=swg21959745", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21959745" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959812", "reference_id": "docview.wss?uid=swg21959812", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959812" }, { "reference_url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960041", "reference_id": "docview.wss?uid=swg21960041", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960041" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960191", "reference_id": "docview.wss?uid=swg21960191", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960191" }, { "reference_url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194", "reference_id": "docview.wss?uid=swg21960194", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194" }, { "reference_url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960380", "reference_id": "docview.wss?uid=swg21960380", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960380" }, { "reference_url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960418", "reference_id": "docview.wss?uid=swg21960418", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960418" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961717", "reference_id": "docview.wss?uid=swg21961717", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961717" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962455", "reference_id": "docview.wss?uid=swg21962455", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962455" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962739", "reference_id": "docview.wss?uid=swg21962739", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962739" }, { "reference_url": "http://www-304.ibm.com/support/docview.wss?uid=swg21962816", "reference_id": "docview.wss?uid=swg21962816", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21962816" }, { "reference_url": "http://www-304.ibm.com/support/docview.wss?uid=swg21967893", "reference_id": "docview.wss?uid=swg21967893", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21967893" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3287", "reference_id": "dsa-3287", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3287" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3300", "reference_id": "dsa-3300", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3300" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3316", "reference_id": "dsa-3316", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3316" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3324", "reference_id": "dsa-3324", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3324" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3339", "reference_id": "dsa-3339", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3339" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3688", "reference_id": "dsa-3688", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.debian.org/security/2016/dsa-3688" }, { "reference_url": "https://security.gentoo.org/glsa/201506-02", "reference_id": "GLSA-201506-02", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://security.gentoo.org/glsa/201506-02" }, { "reference_url": "https://security.gentoo.org/glsa/201512-10", "reference_id": "GLSA-201512-10", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://security.gentoo.org/glsa/201512-10" }, { "reference_url": "https://security.gentoo.org/glsa/201603-11", "reference_id": "GLSA-201603-11", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://security.gentoo.org/glsa/201603-11" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-46", "reference_id": "GLSA-201701-46", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://security.gentoo.org/glsa/201701-46" }, { "reference_url": "http://support.apple.com/kb/HT204941", "reference_id": "HT204941", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://support.apple.com/kb/HT204941" }, { "reference_url": "http://support.apple.com/kb/HT204942", "reference_id": "HT204942", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://support.apple.com/kb/HT204942" }, { "reference_url": "https://weakdh.org/imperfect-forward-secrecy.pdf", "reference_id": "imperfect-forward-secrecy.pdf", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://weakdh.org/imperfect-forward-secrecy.pdf" }, { "reference_url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681", "reference_id": "index?page=content&id=JSA10681", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681" }, { "reference_url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727", "reference_id": "index?page=content&id=JSA10727", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10122", "reference_id": "index?page=content&id=SB10122", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10122" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143506486712441&w=2", "reference_id": "?l=bugtraq&m=143506486712441&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143506486712441&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143557934009303&w=2", "reference_id": "?l=bugtraq&m=143557934009303&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143557934009303&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143558092609708&w=2", "reference_id": "?l=bugtraq&m=143558092609708&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143558092609708&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143628304012255&w=2", "reference_id": "?l=bugtraq&m=143628304012255&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143628304012255&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143637549705650&w=2", "reference_id": "?l=bugtraq&m=143637549705650&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143637549705650&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143655800220052&w=2", "reference_id": "?l=bugtraq&m=143655800220052&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143655800220052&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143880121627664&w=2", "reference_id": "?l=bugtraq&m=143880121627664&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143880121627664&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144043644216842&w=2", "reference_id": "?l=bugtraq&m=144043644216842&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144043644216842&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144050121701297&w=2", "reference_id": "?l=bugtraq&m=144050121701297&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144050121701297&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144060576831314&w=2", "reference_id": "?l=bugtraq&m=144060576831314&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144060576831314&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144060606031437&w=2", "reference_id": "?l=bugtraq&m=144060606031437&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144060606031437&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144061542602287&w=2", "reference_id": "?l=bugtraq&m=144061542602287&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144061542602287&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144069189622016&w=2", "reference_id": "?l=bugtraq&m=144069189622016&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144069189622016&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144102017024820&w=2", "reference_id": "?l=bugtraq&m=144102017024820&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144102017024820&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144104533800819&w=2", "reference_id": "?l=bugtraq&m=144104533800819&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144104533800819&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2", "reference_id": "?l=bugtraq&m=144493176821532&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=145409266329539&w=2", "reference_id": "?l=bugtraq&m=145409266329539&w=2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://marc.info/?l=bugtraq&m=145409266329539&w=2" }, { "reference_url": "https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/", "reference_id": "logjam-freak-upcoming-changes", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/" }, { "reference_url": "https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/", "reference_id": "logjam-the-latest-tls-vulnerability-explained", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-70", "reference_id": "mfsa2015-70", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-70" }, { "reference_url": "http://www.mozilla.org/security/announce/2015/mfsa2015-70.html", "reference_id": "mfsa2015-70.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-70.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html", "reference_id": "msg00002.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html", "reference_id": "msg00004.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html", "reference_id": "msg00006.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html", "reference_id": "msg00007.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html", "reference_id": "msg00016.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html", "reference_id": "msg00021.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html", "reference_id": "msg00023.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html", "reference_id": "msg00024.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html", "reference_id": "msg00025.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html", "reference_id": "msg00026.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html", "reference_id": "msg00031.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html", "reference_id": "msg00031.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html", "reference_id": "msg00032.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html", "reference_id": "msg00033.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html", "reference_id": "msg00034.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html", "reference_id": "msg00037.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html", "reference_id": "msg00037.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html", "reference_id": "msg00039.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html", "reference_id": "msg00039.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html", "reference_id": "msg00040.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html", "reference_id": "msg00040.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html", "reference_id": "msg00046.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html", "reference_id": "msg00047.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html", "reference_id": "msg00094.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html", "reference_id": "msg00097.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html" }, { "reference_url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc", "reference_id": "NetBSD-SA2015-008.txt.asc", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc" }, { "reference_url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes", "reference_id": "NSS_3.19.1_release_notes", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20150619-0001/", "reference_id": "ntap-20150619-0001", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20150619-0001/" }, { "reference_url": "http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm", "reference_id": "releaseNotes.htm", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1072", "reference_id": "RHSA-2015:1072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1072" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1072.html", "reference_id": "RHSA-2015-1072.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1072.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1185", "reference_id": "RHSA-2015:1185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1185" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1185.html", "reference_id": "RHSA-2015-1185.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1185.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1197", "reference_id": "RHSA-2015:1197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1197" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1197.html", "reference_id": "RHSA-2015-1197.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1197.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1228", "reference_id": "RHSA-2015:1228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1228" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html", "reference_id": "RHSA-2015-1228.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1229", "reference_id": "RHSA-2015:1229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1229" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html", "reference_id": "RHSA-2015-1229.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1230", "reference_id": "RHSA-2015:1230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1230" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html", "reference_id": "RHSA-2015-1230.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1241", "reference_id": "RHSA-2015:1241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1241" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html", "reference_id": "RHSA-2015-1241.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1242", "reference_id": "RHSA-2015:1242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1242" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html", "reference_id": "RHSA-2015-1242.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1243", "reference_id": "RHSA-2015:1243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1243" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html", "reference_id": "RHSA-2015-1243.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1485", "reference_id": "RHSA-2015:1485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1485" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html", "reference_id": "RHSA-2015-1485.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1486", "reference_id": "RHSA-2015:1486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1486" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html", "reference_id": "RHSA-2015-1486.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1488", "reference_id": "RHSA-2015:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1488" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html", "reference_id": "RHSA-2015-1488.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1526", "reference_id": "RHSA-2015:1526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1526" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html", "reference_id": "RHSA-2015-1526.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1544", "reference_id": "RHSA-2015:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1544" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html", "reference_id": "RHSA-2015-1544.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1604", "reference_id": "RHSA-2015:1604", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1604" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html", "reference_id": "RHSA-2015-1604.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1624.html", "reference_id": "RHSA-2016-1624.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1624.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2056", "reference_id": "RHSA-2016:2056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2056" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa98", "reference_id": "sa98", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://bto.bluecoat.com/security-advisory/sa98" }, { "reference_url": "https://www.openssl.org/news/secadv_20150611.txt", "reference_id": "secadv_20150611.txt", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://www.openssl.org/news/secadv_20150611.txt" }, { "reference_url": "http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc", "reference_id": "sendmail_advisory2.asc", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1138554", "reference_id": "show_bug.cgi?id=1138554", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1138554" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", "reference_id": "ssa-412672.pdf", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf" }, { "reference_url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", "reference_id": "StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes" }, { "reference_url": "https://usn.ubuntu.com/2656-1/", "reference_id": "USN-2656-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2656-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2656-1", "reference_id": "USN-2656-1", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2656-1" }, { "reference_url": "https://usn.ubuntu.com/2656-2/", "reference_id": "USN-2656-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2656-2/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2656-2", "reference_id": "USN-2656-2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2656-2" }, { "reference_url": "https://usn.ubuntu.com/2673-1/", "reference_id": "USN-2673-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2673-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2673-1", "reference_id": "USN-2673-1", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2673-1" }, { "reference_url": "https://usn.ubuntu.com/2696-1/", "reference_id": "USN-2696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2696-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2696-1", "reference_id": "USN-2696-1", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2696-1" }, { "reference_url": "https://usn.ubuntu.com/2706-1/", "reference_id": "USN-2706-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2706-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2706-1", "reference_id": "USN-2706-1", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2706-1" }, { "reference_url": "https://weakdh.org/", "reference_id": "weakdh.org", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:22:15Z/" } ], "url": "https://weakdh.org/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355165?format=api", "purl": "pkg:deb/debian/nss@2:3.19.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.19.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-4000" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tkpu-fc1n-5ya3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1942?format=api", "vulnerability_id": "VCID-u52n-bfng-8kcc", "summary": "Security researcher Francis Gabriel of Quarkslab reported a heap-based\nbuffer overflow in the way the Network Security Services (NSS) libraries parsed certain\nASN.1 structures. An attacker could create a specially-crafted certificate which, when\nparsed by NSS, would cause it to crash or execute arbitrary code with the permissions of\nthe user.\nThis issue has been addressed in the NSS releases shipping on affected Mozilla\nproducts:", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1950.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1950.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01867", "scoring_system": "epss", "scoring_elements": "0.83405", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1950" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310509", "reference_id": "1310509", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "CVE-2016-1950", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-35", "reference_id": "mfsa2016-35", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-35" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0370", "reference_id": "RHSA-2016:0370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0371", "reference_id": "RHSA-2016:0371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0495", "reference_id": "RHSA-2016:0495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0495" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2924-1/", "reference_id": "USN-2924-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2924-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355169?format=api", "purl": "pkg:deb/debian/nss@2:3.23-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.23-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1950" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u52n-bfng-8kcc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69159?format=api", "vulnerability_id": "VCID-vg1a-61x3-g7gs", "summary": "nss: false start PR_Recv information disclosure security issue", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1740.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1740.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1740", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.77303", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1740" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053725", "reference_id": "1053725", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0917", "reference_id": "RHSA-2014:0917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1246", "reference_id": "RHSA-2014:1246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1246" }, { "reference_url": "https://usn.ubuntu.com/2088-1/", "reference_id": "USN-2088-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2088-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355159?format=api", "purl": "pkg:deb/debian/nss@2:3.15.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.15.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-1740" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vg1a-61x3-g7gs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68091?format=api", "vulnerability_id": "VCID-w16b-j9pd-jyg8", "summary": "nss: QuickDER decoder length issue", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1569.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1569.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1569", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03635", "scoring_system": "epss", "scoring_elements": "0.88029", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1569" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1174492", "reference_id": "1174492", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1174492" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773625", "reference_id": "773625", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773625" }, { "reference_url": "https://usn.ubuntu.com/2452-1/", "reference_id": "USN-2452-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2452-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355164?format=api", "purl": "pkg:deb/debian/nss@2:3.17.2-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.17.2-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-1569" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w16b-j9pd-jyg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64372?format=api", "vulnerability_id": "VCID-x4hh-waed-2faz", "summary": "nss: Missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime causes server crash", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5285.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5285.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5285", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01626", "scoring_system": "epss", "scoring_elements": "0.82169", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5285" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1383883", "reference_id": "1383883", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1383883" }, { "reference_url": "https://security.gentoo.org/glsa/201701-46", "reference_id": "GLSA-201701-46", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-46" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2779", "reference_id": "RHSA-2016:2779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2779" }, { "reference_url": "https://usn.ubuntu.com/3163-1/", "reference_id": "USN-3163-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3163-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355170?format=api", "purl": "pkg:deb/debian/nss@2:3.25-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.25-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5285" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x4hh-waed-2faz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71633?format=api", "vulnerability_id": "VCID-x6pd-2arc-gqdq", "summary": "HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3389.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3389.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3389", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.88348", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3389" }, { "reference_url": "https://curl.se/docs/CVE-2011-3389.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2011-3389.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=737506", "reference_id": "737506", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737506" }, { "reference_url": "https://security.gentoo.org/glsa/201111-02", "reference_id": "GLSA-201111-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201111-02" }, { "reference_url": "https://security.gentoo.org/glsa/201203-02", "reference_id": "GLSA-201203-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-02" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1380", "reference_id": "RHSA-2011:1380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1384", "reference_id": "RHSA-2011:1384", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1384" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0006", "reference_id": "RHSA-2012:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0034", "reference_id": "RHSA-2012:0034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0343", "reference_id": "RHSA-2012:0343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0508", "reference_id": "RHSA-2012:0508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1455", "reference_id": "RHSA-2013:1455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1455" }, { "reference_url": "https://usn.ubuntu.com/1263-1/", "reference_id": "USN-1263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1263-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355155?format=api", "purl": "pkg:deb/debian/nss@3.13.1.with.ckbi.1.88-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@3.13.1.with.ckbi.1.88-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-3389" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x6pd-2arc-gqdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68314?format=api", "vulnerability_id": "VCID-xet9-63wg-3fgw", "summary": "SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3566.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3566.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.93538", "scoring_system": "epss", "scoring_elements": "0.99837", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", "reference_id": "0101.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "reference_url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7", "reference_id": "1015-security-advisory-7", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7" }, { "reference_url": "http://www.securitytracker.com/id/1031029", "reference_id": "1031029", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031029" }, { "reference_url": "http://www.securitytracker.com/id/1031039", "reference_id": "1031039", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031039" }, { "reference_url": "http://www.securitytracker.com/id/1031085", "reference_id": "1031085", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031085" }, { "reference_url": "http://www.securitytracker.com/id/1031086", "reference_id": "1031086", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031086" }, { "reference_url": "http://www.securitytracker.com/id/1031087", "reference_id": "1031087", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031087" }, { "reference_url": "http://www.securitytracker.com/id/1031088", "reference_id": "1031088", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031088" }, { "reference_url": "http://www.securitytracker.com/id/1031089", "reference_id": "1031089", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031089" }, { "reference_url": "http://www.securitytracker.com/id/1031090", "reference_id": "1031090", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031090" }, { "reference_url": "http://www.securitytracker.com/id/1031091", "reference_id": "1031091", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031091" }, { "reference_url": "http://www.securitytracker.com/id/1031092", "reference_id": "1031092", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031092" }, { "reference_url": "http://www.securitytracker.com/id/1031093", "reference_id": "1031093", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031093" }, { "reference_url": "http://www.securitytracker.com/id/1031094", "reference_id": "1031094", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031094" }, { "reference_url": "http://www.securitytracker.com/id/1031095", "reference_id": "1031095", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031095" }, { "reference_url": "http://www.securitytracker.com/id/1031096", "reference_id": "1031096", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031096" }, { "reference_url": "http://www.securitytracker.com/id/1031105", "reference_id": "1031105", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031105" }, { "reference_url": "http://www.securitytracker.com/id/1031106", "reference_id": "1031106", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031106" }, { "reference_url": "http://www.securitytracker.com/id/1031107", "reference_id": "1031107", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031107" }, { "reference_url": "http://www.securitytracker.com/id/1031120", "reference_id": "1031120", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031120" }, { "reference_url": "http://www.securitytracker.com/id/1031123", "reference_id": "1031123", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031123" }, { "reference_url": "http://www.securitytracker.com/id/1031124", "reference_id": "1031124", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031124" }, { "reference_url": "http://www.securitytracker.com/id/1031130", "reference_id": "1031130", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031130" }, { "reference_url": "http://www.securitytracker.com/id/1031131", "reference_id": "1031131", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031131" }, { "reference_url": "http://www.securitytracker.com/id/1031132", "reference_id": "1031132", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securitytracker.com/id/1031132" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152789", "reference_id": "1152789", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152789" }, { "reference_url": "https://access.redhat.com/articles/1232123", "reference_id": "1232123", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://access.redhat.com/articles/1232123" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html", "reference_id": "141114.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html", "reference_id": "141158.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html", "reference_id": "142330.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html", "reference_id": "169361.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html", "reference_id": "169374.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html" }, { "reference_url": "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html", "reference_id": "2014-10-14-how-poodle-happened.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html" }, { "reference_url": "https://technet.microsoft.com/library/security/3009008.aspx", "reference_id": "3009008.aspx", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://technet.microsoft.com/library/security/3009008.aspx" }, { "reference_url": "http://www.securityfocus.com/archive/1/533746", "reference_id": "533746", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securityfocus.com/archive/1/533746" }, { "reference_url": "http://www.securityfocus.com/archive/1/533747", "reference_id": "533747", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securityfocus.com/archive/1/533747" }, { "reference_url": "http://www.kb.cert.org/vuls/id/577193", "reference_id": "577193", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.kb.cert.org/vuls/id/577193" }, { "reference_url": "http://secunia.com/advisories/59627", "reference_id": "59627", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/59627" }, { "reference_url": "http://secunia.com/advisories/60056", "reference_id": "60056", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/60056" }, { "reference_url": "http://secunia.com/advisories/60206", "reference_id": "60206", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/60206" }, { "reference_url": "http://secunia.com/advisories/60792", "reference_id": "60792", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/60792" }, { "reference_url": "http://secunia.com/advisories/60859", "reference_id": "60859", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/60859" }, { "reference_url": "http://secunia.com/advisories/61019", "reference_id": "61019", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61019" }, { "reference_url": "http://secunia.com/advisories/61130", "reference_id": "61130", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61130" }, { "reference_url": "http://secunia.com/advisories/61303", "reference_id": "61303", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61303" }, { "reference_url": "http://secunia.com/advisories/61316", "reference_id": "61316", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61316" }, { "reference_url": "http://secunia.com/advisories/61345", "reference_id": "61345", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61345" }, { "reference_url": "http://secunia.com/advisories/61359", "reference_id": "61359", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61359" }, { "reference_url": "http://secunia.com/advisories/61782", "reference_id": "61782", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61782" }, { "reference_url": "http://secunia.com/advisories/61810", "reference_id": "61810", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61810" }, { "reference_url": "http://secunia.com/advisories/61819", "reference_id": "61819", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61819" }, { "reference_url": "http://secunia.com/advisories/61825", "reference_id": "61825", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61825" }, { "reference_url": "http://secunia.com/advisories/61827", "reference_id": "61827", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61827" }, { "reference_url": "http://secunia.com/advisories/61926", "reference_id": "61926", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61926" }, { "reference_url": "http://secunia.com/advisories/61995", "reference_id": "61995", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://secunia.com/advisories/61995" }, { "reference_url": "http://www.securityfocus.com/bid/70574", "reference_id": "70574", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securityfocus.com/bid/70574" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765539", "reference_id": "765539", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765539" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765702", "reference_id": "765702", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765702" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768164", "reference_id": "768164", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768164" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769904", "reference_id": "769904", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769904" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771359", "reference_id": "771359", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771359" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:203", "reference_id": "advisories?name=MDVSA-2014:203", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:203" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", "reference_id": "advisories?name=MDVSA-2015:062", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062" }, { "reference_url": "http://downloads.asterisk.org/pub/security/AST-2014-011.html", "reference_id": "AST-2014-011.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://downloads.asterisk.org/pub/security/AST-2014-011.html" }, { "reference_url": "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html", "reference_id": "attack-of-week-poodle.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html" }, { "reference_url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle", "reference_id": "cisco-sa-20141015-poodle", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle" }, { "reference_url": "http://support.citrix.com/article/CTX200238", "reference_id": "CTX200238", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://support.citrix.com/article/CTX200238" }, { "reference_url": "https://support.citrix.com/article/CTX216642", "reference_id": "CTX216642", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.citrix.com/article/CTX216642" }, { "reference_url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html", "reference_id": "CVE-2014-3566.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html" }, { "reference_url": "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip", "reference_id": "cve-2014-3566-removing-sslv3-from-big-ip", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip" }, { "reference_url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581", "reference_id": "display?docId=emr_na-c04583581", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581" }, { "reference_url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034", "reference_id": "display?docId=emr_na-c04779034", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635", "reference_id": "docDisplay?docId=emr_na-c04819635", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681", "reference_id": "docDisplay?docId=emr_na-c05068681", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667", "reference_id": "docDisplay?docId=emr_na-c05157667", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", "reference_id": "docDisplay?docId=emr_na-c05301946", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946" }, { "reference_url": "https://www.suse.com/support/kb/doc.php?id=7015773", "reference_id": "doc.php?id=7015773", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www.suse.com/support/kb/doc.php?id=7015773" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431", "reference_id": "docview.wss?uid=isg3T1021431", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439", "reference_id": "docview.wss?uid=isg3T1021439", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997", "reference_id": "docview.wss?uid=swg21686997", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172", "reference_id": "docview.wss?uid=swg21687172", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687611", "reference_id": "docview.wss?uid=swg21687611", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687611" }, { "reference_url": "https://www-01.ibm.com/support/docview.wss?uid=swg21688165", "reference_id": "docview.wss?uid=swg21688165", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21688165" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283", "reference_id": "docview.wss?uid=swg21688283", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299", "reference_id": "docview.wss?uid=swg21692299", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3053", "reference_id": "dsa-3053", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.debian.org/security/2014/dsa-3053" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3144", "reference_id": "dsa-3144", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3144" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3147", "reference_id": "dsa-3147", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3147" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3489", "reference_id": "dsa-3489", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.debian.org/security/2016/dsa-3489" }, { "reference_url": "https://security.gentoo.org/glsa/201411-10", "reference_id": "GLSA-201411-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201411-10" }, { "reference_url": "https://security.gentoo.org/glsa/201507-14", "reference_id": "GLSA-201507-14", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://security.gentoo.org/glsa/201507-14" }, { "reference_url": "https://security.gentoo.org/glsa/201606-11", "reference_id": "GLSA-201606-11", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://security.gentoo.org/glsa/201606-11" }, { "reference_url": "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566", "reference_id": "how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566" }, { "reference_url": "http://support.apple.com/HT204244", "reference_id": "HT204244", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://support.apple.com/HT204244" }, { "reference_url": "https://support.apple.com/kb/HT6527", "reference_id": "HT6527", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.apple.com/kb/HT6527" }, { "reference_url": "https://support.apple.com/kb/HT6529", "reference_id": "HT6529", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.apple.com/kb/HT6529" }, { "reference_url": "https://support.apple.com/kb/HT6531", "reference_id": "HT6531", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.apple.com/kb/HT6531" }, { "reference_url": "https://support.apple.com/kb/HT6535", "reference_id": "HT6535", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.apple.com/kb/HT6535" }, { "reference_url": "https://support.apple.com/kb/HT6541", "reference_id": "HT6541", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.apple.com/kb/HT6541" }, { "reference_url": "https://support.apple.com/kb/HT6542", "reference_id": "HT6542", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.apple.com/kb/HT6542" }, { "reference_url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm", "reference_id": "hw-405500.htm", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm" }, { "reference_url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", "reference_id": "ICSMA-18-058-02", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02" }, { "reference_url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", "reference_id": "index?page=content&id=JSA10705", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10090", "reference_id": "index?page=content&id=SB10090", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10090" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10091", "reference_id": "index?page=content&id=SB10091", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10091" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10104", "reference_id": "index?page=content&id=SB10104", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10104" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141450452204552&w=2", "reference_id": "?l=bugtraq&m=141450452204552&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141450452204552&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141450973807288&w=2", "reference_id": "?l=bugtraq&m=141450973807288&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141450973807288&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141477196830952&w=2", "reference_id": "?l=bugtraq&m=141477196830952&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141477196830952&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141576815022399&w=2", "reference_id": "?l=bugtraq&m=141576815022399&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141576815022399&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141577087123040&w=2", "reference_id": "?l=bugtraq&m=141577087123040&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141577087123040&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141577350823734&w=2", "reference_id": "?l=bugtraq&m=141577350823734&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141577350823734&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141620103726640&w=2", "reference_id": "?l=bugtraq&m=141620103726640&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141620103726640&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141628688425177&w=2", "reference_id": "?l=bugtraq&m=141628688425177&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141628688425177&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141694355519663&w=2", "reference_id": "?l=bugtraq&m=141694355519663&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141694355519663&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141697638231025&w=2", "reference_id": "?l=bugtraq&m=141697638231025&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141697638231025&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141697676231104&w=2", "reference_id": "?l=bugtraq&m=141697676231104&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141697676231104&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141703183219781&w=2", "reference_id": "?l=bugtraq&m=141703183219781&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141703183219781&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141715130023061&w=2", "reference_id": "?l=bugtraq&m=141715130023061&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141715130023061&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141775427104070&w=2", "reference_id": "?l=bugtraq&m=141775427104070&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141775427104070&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141813976718456&w=2", "reference_id": "?l=bugtraq&m=141813976718456&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141813976718456&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141814011518700&w=2", "reference_id": "?l=bugtraq&m=141814011518700&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141814011518700&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141879378918327&w=2", "reference_id": "?l=bugtraq&m=141879378918327&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=141879378918327&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142103967620673&w=2", "reference_id": "?l=bugtraq&m=142103967620673&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142103967620673&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142118135300698&w=2", "reference_id": "?l=bugtraq&m=142118135300698&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142118135300698&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142296755107581&w=2", "reference_id": "?l=bugtraq&m=142296755107581&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142296755107581&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142350196615714&w=2", "reference_id": "?l=bugtraq&m=142350196615714&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142350196615714&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142350298616097&w=2", "reference_id": "?l=bugtraq&m=142350298616097&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142350298616097&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142350743917559&w=2", "reference_id": "?l=bugtraq&m=142350743917559&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142350743917559&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142354438527235&w=2", "reference_id": "?l=bugtraq&m=142354438527235&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142354438527235&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142357976805598&w=2", "reference_id": "?l=bugtraq&m=142357976805598&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142357976805598&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142495837901899&w=2", "reference_id": "?l=bugtraq&m=142495837901899&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142495837901899&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142496355704097&w=2", "reference_id": "?l=bugtraq&m=142496355704097&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142496355704097&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142546741516006&w=2", "reference_id": "?l=bugtraq&m=142546741516006&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142546741516006&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142607790919348&w=2", "reference_id": "?l=bugtraq&m=142607790919348&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142607790919348&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624590206005&w=2", "reference_id": "?l=bugtraq&m=142624590206005&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142624590206005&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624619906067", "reference_id": "?l=bugtraq&m=142624619906067", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142624619906067" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624619906067&w=2", "reference_id": "?l=bugtraq&m=142624619906067&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142624619906067&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624679706236&w=2", "reference_id": "?l=bugtraq&m=142624679706236&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142624679706236&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624719706349&w=2", "reference_id": "?l=bugtraq&m=142624719706349&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142624719706349&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142721830231196&w=2", "reference_id": "?l=bugtraq&m=142721830231196&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142721830231196&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142721887231400&w=2", "reference_id": "?l=bugtraq&m=142721887231400&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142721887231400&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142740155824959&w=2", "reference_id": "?l=bugtraq&m=142740155824959&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142740155824959&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142791032306609&w=2", "reference_id": "?l=bugtraq&m=142791032306609&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142791032306609&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142804214608580&w=2", "reference_id": "?l=bugtraq&m=142804214608580&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142804214608580&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142805027510172&w=2", "reference_id": "?l=bugtraq&m=142805027510172&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142805027510172&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142962817202793&w=2", "reference_id": "?l=bugtraq&m=142962817202793&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142962817202793&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143039249603103&w=2", "reference_id": "?l=bugtraq&m=143039249603103&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143039249603103&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143101048219218&w=2", "reference_id": "?l=bugtraq&m=143101048219218&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143101048219218&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143290371927178&w=2", "reference_id": "?l=bugtraq&m=143290371927178&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143290371927178&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143290437727362&w=2", "reference_id": "?l=bugtraq&m=143290437727362&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143290437727362&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143290522027658&w=2", "reference_id": "?l=bugtraq&m=143290522027658&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143290522027658&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143290583027876&w=2", "reference_id": "?l=bugtraq&m=143290583027876&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143290583027876&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143558137709884&w=2", "reference_id": "?l=bugtraq&m=143558137709884&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143558137709884&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143558192010071&w=2", "reference_id": "?l=bugtraq&m=143558192010071&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143558192010071&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143628269912142&w=2", "reference_id": "?l=bugtraq&m=143628269912142&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=143628269912142&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144101915224472&w=2", "reference_id": "?l=bugtraq&m=144101915224472&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144101915224472&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144251162130364&w=2", "reference_id": "?l=bugtraq&m=144251162130364&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144251162130364&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144294141001552&w=2", "reference_id": "?l=bugtraq&m=144294141001552&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=144294141001552&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=145983526810210&w=2", "reference_id": "?l=bugtraq&m=145983526810210&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=145983526810210&w=2" }, { "reference_url": "http://marc.info/?l=openssl-dev&m=141333049205629&w=2", "reference_id": "?l=openssl-dev&m=141333049205629&w=2", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://marc.info/?l=openssl-dev&m=141333049205629&w=2" }, { "reference_url": "http://advisories.mageia.org/MGASA-2014-0416.html", "reference_id": "MGASA-2014-0416.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://advisories.mageia.org/MGASA-2014-0416.html" }, { "reference_url": "http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf", "reference_id": "MOVEitReleaseNotes82.pdf", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html", "reference_id": "msg00002.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html", "reference_id": "msg00021.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html", "reference_id": "msg00024.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html", "reference_id": "msg00026.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html", "reference_id": "msg00027.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html", "reference_id": "msg00027.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html", "reference_id": "msg00033.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html", "reference_id": "msg00036.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html", "reference_id": "msg00066.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html" }, { "reference_url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6", "reference_id": "multiple_vulnerabilities_in_openssl6", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6" }, { "reference_url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc", "reference_id": "NetBSD-SA2014-015.txt.asc", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc" }, { "reference_url": "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/", "reference_id": "node-v0-10-33-stable", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20141015-0001/", "reference_id": "ntap-20141015-0001", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20141015-0001/" }, { "reference_url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc", "reference_id": "openssl_advisory11.asc", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc" }, { "reference_url": "https://support.lenovo.com/product_security/poodle", "reference_id": "poodle", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.lenovo.com/product_security/poodle" }, { "reference_url": "https://support.lenovo.com/us/en/product_security/poodle", "reference_id": "poodle", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://support.lenovo.com/us/en/product_security/poodle" }, { "reference_url": "https://www.imperialviolet.org/2014/10/14/poodle.html", "reference_id": "poodle.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www.imperialviolet.org/2014/10/14/poodle.html" }, { "reference_url": "https://github.com/mpgn/poodle-PoC", "reference_id": "poodle-PoC", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://github.com/mpgn/poodle-PoC" }, { "reference_url": "https://puppet.com/security/cve/poodle-sslv3-vulnerability", "reference_id": "poodle-sslv3-vulnerability", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://puppet.com/security/cve/poodle-sslv3-vulnerability" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1652.html", "reference_id": "RHSA-2014-1652.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1652.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1653.html", "reference_id": "RHSA-2014-1653.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1653.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1692.html", "reference_id": "RHSA-2014-1692.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1692.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1876", "reference_id": "RHSA-2014:1876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1876" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html", "reference_id": "RHSA-2014-1876.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1877", "reference_id": "RHSA-2014:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1877" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html", "reference_id": "RHSA-2014-1877.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1880", "reference_id": "RHSA-2014:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1880" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html", "reference_id": "RHSA-2014-1880.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1881", "reference_id": "RHSA-2014:1881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1881" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html", "reference_id": "RHSA-2014-1881.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1882", "reference_id": "RHSA-2014:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1882" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html", "reference_id": "RHSA-2014-1882.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1920", "reference_id": "RHSA-2014:1920", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1920" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1920.html", "reference_id": "RHSA-2014-1920.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1920.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1948.html", "reference_id": "RHSA-2014-1948.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1948.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0010", "reference_id": "RHSA-2015:0010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0011", "reference_id": "RHSA-2015:0011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0012", "reference_id": "RHSA-2015:0012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0067", "reference_id": "RHSA-2015:0067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0068", "reference_id": "RHSA-2015:0068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0068" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html", "reference_id": "RHSA-2015-0068.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0069", "reference_id": "RHSA-2015:0069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0079", "reference_id": "RHSA-2015:0079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0079" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html", "reference_id": "RHSA-2015-0079.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0080", "reference_id": "RHSA-2015:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0080" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html", "reference_id": "RHSA-2015-0080.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0085", "reference_id": "RHSA-2015:0085", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0085" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html", "reference_id": "RHSA-2015-0085.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0086", "reference_id": "RHSA-2015:0086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0086" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html", "reference_id": "RHSA-2015-0086.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0264", "reference_id": "RHSA-2015:0264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0264" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html", "reference_id": "RHSA-2015-0264.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html", "reference_id": "RHSA-2015-0698.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1545", "reference_id": "RHSA-2015:1545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1545" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1545.html", "reference_id": "RHSA-2015-1545.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1545.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1546", "reference_id": "RHSA-2015:1546", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1546" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1546.html", "reference_id": "RHSA-2015-1546.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1546.html" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa83", "reference_id": "sa83", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://bto.bluecoat.com/security-advisory/sa83" }, { "reference_url": "https://www.openssl.org/news/secadv_20141015.txt", "reference_id": "secadv_20141015.txt", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www.openssl.org/news/secadv_20141015.txt" }, { "reference_url": "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx", "reference_id": "security-advisory-3009008-released.aspx", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983", "reference_id": "show_bug.cgi?id=1076983", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983" }, { "reference_url": "https://www.openssl.org/~bodo/ssl-poodle.pdf", "reference_id": "ssl-poodle.pdf", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://www.openssl.org/~bodo/ssl-poodle.pdf" }, { "reference_url": "http://www.us-cert.gov/ncas/alerts/TA14-290A", "reference_id": "TA14-290A", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.us-cert.gov/ncas/alerts/TA14-290A" }, { "reference_url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/", "reference_id": "the-poodle-attack-and-the-end-of-ssl-3-0", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/" }, { "reference_url": "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html", "reference_id": "this-poodle-bites-exploiting-ssl-30.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/533724/100/0/threaded", "reference_id": "threaded", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.securityfocus.com/archive/1/533724/100/0/threaded" }, { "reference_url": "https://usn.ubuntu.com/2486-1/", "reference_id": "USN-2486-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2486-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2486-1", "reference_id": "USN-2486-1", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2486-1" }, { "reference_url": "https://usn.ubuntu.com/2487-1/", "reference_id": "USN-2487-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2487-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2487-1", "reference_id": "USN-2487-1", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2487-1" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html", "reference_id": "VMSA-2015-0003.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html" }, { "reference_url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", "reference_id": "Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/" } ], "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355163?format=api", "purl": "pkg:deb/debian/nss@2:3.17.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.17.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3566" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xet9-63wg-3fgw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2892?format=api", "vulnerability_id": "VCID-xhrv-tvzq-kyb9", "summary": "Mozilla engineers Tyson Smith and David Keeler\nreported a use-after-poison and buffer overflow in the ASN.1 decoder in Network Security\nServices (NSS). These issues were in octet string parsing and were found through fuzzing\nand code inspection. If these issues were triggered, they would lead to a potentially\nexploitable crash. These issues were fixed in NSS version 3.19.2.1 and 3.19.4, shipped in\nFirefox and Firefox ESR, respectively, as well as NSS 3.20.1.Google security engineer Ryan Sleevi reported an integer overflow in\nthe Netscape Portable Runtime (NSPR) due to a lack of checks during memory allocation.\nThis leads to a potentially exploitable crash. This issue is fixed in NSPR 4.10.10. The NSPR library is a required component of NSS.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7181.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7181.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7181", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05021", "scoring_system": "epss", "scoring_elements": "0.89878", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7181" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1269345", "reference_id": "1269345", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1269345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181", "reference_id": "CVE-2015-7181", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181" }, { "reference_url": "https://security.gentoo.org/glsa/201512-10", "reference_id": "GLSA-201512-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201512-10" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-133", "reference_id": "mfsa2015-133", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1980", "reference_id": "RHSA-2015:1980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1981", "reference_id": "RHSA-2015:1981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2068", "reference_id": "RHSA-2015:2068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2068" }, { "reference_url": "https://usn.ubuntu.com/2785-1/", "reference_id": "USN-2785-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2785-1/" }, { "reference_url": "https://usn.ubuntu.com/2791-1/", "reference_id": "USN-2791-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2791-1/" }, { "reference_url": "https://usn.ubuntu.com/2819-1/", "reference_id": "USN-2819-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2819-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355166?format=api", "purl": "pkg:deb/debian/nss@2:3.20.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.20.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-7181" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xhrv-tvzq-kyb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1153?format=api", "vulnerability_id": "VCID-xjrf-7rjd-zyh8", "summary": "When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6829.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6829.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6829", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00584", "scoring_system": "epss", "scoring_elements": "0.69326", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6829" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6829", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6829" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826187", "reference_id": "1826187", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826187" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-36", "reference_id": "mfsa2020-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-36" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-39", "reference_id": "mfsa2020-39", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-39" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4076", "reference_id": "RHSA-2020:4076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0538", "reference_id": "RHSA-2021:0538", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://usn.ubuntu.com/4455-1/", "reference_id": "USN-4455-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4455-1/" }, { "reference_url": "https://usn.ubuntu.com/4474-1/", "reference_id": "USN-4474-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4474-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355182?format=api", "purl": "pkg:deb/debian/nss@2:3.55-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.55-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-6829" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xjrf-7rjd-zyh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2893?format=api", "vulnerability_id": "VCID-y8nr-6tvb-cbh1", "summary": "Mozilla engineers Tyson Smith and David Keeler\nreported a use-after-poison and buffer overflow in the ASN.1 decoder in Network Security\nServices (NSS). These issues were in octet string parsing and were found through fuzzing\nand code inspection. If these issues were triggered, they would lead to a potentially\nexploitable crash. These issues were fixed in NSS version 3.19.2.1 and 3.19.4, shipped in\nFirefox and Firefox ESR, respectively, as well as NSS 3.20.1.Google security engineer Ryan Sleevi reported an integer overflow in\nthe Netscape Portable Runtime (NSPR) due to a lack of checks during memory allocation.\nThis leads to a potentially exploitable crash. This issue is fixed in NSPR 4.10.10. The NSPR library is a required component of NSS.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7182.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7182.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7182", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11044", "scoring_system": "epss", "scoring_elements": "0.93559", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7182" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1269351", "reference_id": "1269351", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1269351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182", "reference_id": "CVE-2015-7182", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182" }, { "reference_url": "https://security.gentoo.org/glsa/201512-10", "reference_id": "GLSA-201512-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201512-10" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-133", "reference_id": "mfsa2015-133", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1980", "reference_id": "RHSA-2015:1980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1981", "reference_id": "RHSA-2015:1981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2068", "reference_id": "RHSA-2015:2068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2068" }, { "reference_url": "https://usn.ubuntu.com/2785-1/", "reference_id": "USN-2785-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2785-1/" }, { "reference_url": "https://usn.ubuntu.com/2791-1/", "reference_id": "USN-2791-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2791-1/" }, { "reference_url": "https://usn.ubuntu.com/2819-1/", "reference_id": "USN-2819-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2819-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355166?format=api", "purl": "pkg:deb/debian/nss@2:3.20.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.20.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-7182" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y8nr-6tvb-cbh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2756?format=api", "vulnerability_id": "VCID-yb2m-gy9e-9qft", "summary": "Mozilla developer Brian Smith and security researchers\nAntoine Delignat-Lavaud and Karthikeyan\nBhargavan of the Prosecco research team at INRIA Paris reported issues\nwith ticket handling in the Network Security Services (NSS) libraries. These\nhave been addressed in the NSS 3.15.4 release, shipping on affected platforms.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1491.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1491.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1491", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67445", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1491" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060955", "reference_id": "1060955", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060955" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1491", "reference_id": "CVE-2014-1491", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1491" }, { "reference_url": "https://security.gentoo.org/glsa/201504-01", "reference_id": "GLSA-201504-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201504-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-12", "reference_id": "mfsa2014-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0917", "reference_id": "RHSA-2014:0917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0979", "reference_id": "RHSA-2014:0979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1246", "reference_id": "RHSA-2014:1246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1246" }, { "reference_url": "https://usn.ubuntu.com/2102-1/", "reference_id": "USN-2102-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2102-1/" }, { "reference_url": "https://usn.ubuntu.com/2119-1/", "reference_id": "USN-2119-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2119-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355159?format=api", "purl": "pkg:deb/debian/nss@2:3.15.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.15.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-1491" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yb2m-gy9e-9qft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2606?format=api", "vulnerability_id": "VCID-ycjq-pc6z-b7d2", "summary": "IOActive security researcher Dan Kaminsky reported a\nmismatch in the treatment of domain names in SSL certificates between SSL\nclients and the Certificate Authorities (CA) which issue server certificates.\nIn particular, if a malicious person requested a certificate for a host name\nwith an invalid null character in it most CAs would issue the\ncertificate if the requester owned the domain specified after the null, while\nmost SSL clients (browsers) ignored that part of the name and used the\nunvalidated part in front of the null. This made it possible for attackers to\nobtain certificates that would function for any site they wished to target.\nThese certificates could be used to intercept and potentially alter encrypted\ncommunication between the client and a server such as sensitive bank\naccount transactions.This vulnerability was independently reported to us by researcher\nMoxie Marlinspike who also noted that since Firefox\nrelies on SSL to protect the integrity of security updates this attack\ncould be used to serve malicious updates. Mozilla would like to thank Dan and the Microsoft Vulnerability\nResearch team for coordinating a multiple-vendor response to this problem.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2408.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2408.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01855", "scoring_system": "epss", "scoring_elements": "0.83342", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2408" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=510251", "reference_id": "510251", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=510251" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539934", "reference_id": "539934", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408", "reference_id": "CVE-2009-2408", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-42", "reference_id": "mfsa2009-42", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-42" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1184", "reference_id": "RHSA-2009:1184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1186", "reference_id": "RHSA-2009:1186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1186" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1190", "reference_id": "RHSA-2009:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1207", "reference_id": "RHSA-2009:1207", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1207" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1432", "reference_id": "RHSA-2009:1432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1432" }, { "reference_url": "https://usn.ubuntu.com/810-1/", "reference_id": "USN-810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355148?format=api", "purl": "pkg:deb/debian/nss@3.12.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@3.12.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-2408" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ycjq-pc6z-b7d2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1219?format=api", "vulnerability_id": "VCID-zafx-6fyq-pbc3", "summary": "During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes. We would like to thank Sohaib ul Hassan for contributing a fix for this issue as well.*Note:* An unmodified Firefox browser does not generate RSA keys in normal operation and is not affected, but products built on top of it might.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12402.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12402.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12402", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26696", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12402" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826231", "reference_id": "1826231", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826231" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=963152", "reference_id": "963152", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=963152" }, { "reference_url": "https://security.gentoo.org/glsa/202007-10", "reference_id": "GLSA-202007-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-24", "reference_id": "mfsa2020-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-24" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-29", "reference_id": "mfsa2020-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3280", "reference_id": "RHSA-2020:3280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4076", "reference_id": "RHSA-2020:4076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://usn.ubuntu.com/4417-1/", "reference_id": "USN-4417-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4417-1/" }, { "reference_url": "https://usn.ubuntu.com/4417-2/", "reference_id": "USN-4417-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4417-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355183?format=api", "purl": "pkg:deb/debian/nss@2:3.53.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.53.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-12402" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zafx-6fyq-pbc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1869?format=api", "vulnerability_id": "VCID-zk4j-bc3y-7qfd", "summary": "Security researcher Hanno Böck reported that calculations with\nmp_div and mp_exptmod in Network Security Services (NSS) can\nproduce wrong results in some circumstances. These functions are used within NSS for a\nvariety of cryptographic division functions, leading to potential cryptographic\nweaknesses.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1938.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1938.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1938", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01048", "scoring_system": "epss", "scoring_elements": "0.77804", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1938" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1305159", "reference_id": "1305159", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1305159" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938", "reference_id": "CVE-2016-1938", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-46", "reference_id": "GLSA-201701-46", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-46" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-07", "reference_id": "mfsa2016-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-07" }, { "reference_url": "https://usn.ubuntu.com/2880-1/", "reference_id": "USN-2880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2880-1/" }, { "reference_url": "https://usn.ubuntu.com/2903-1/", "reference_id": "USN-2903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2903-1/" }, { "reference_url": "https://usn.ubuntu.com/2973-1/", "reference_id": "USN-2973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355167?format=api", "purl": "pkg:deb/debian/nss@2:3.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.21-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1938" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zk4j-bc3y-7qfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2206?format=api", "vulnerability_id": "VCID-znvx-aqbr-2yck", "summary": "Mozilla developers added support in the Network Security Services\nmodule for preventing a type of man-in-the-middle attack against TLS\nusing forced renegotiation.Note that to benefit from the fix, Firefox 3.6 and\nFirefox 3.5 users will need to set\ntheir security.ssl.require_safe_negotiation preference to\ntrue. Firefox 3 does not contain the fix for this issue.", "references": [ { "reference_url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html" }, { "reference_url": "http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html" }, { "reference_url": "http://blogs.iss.net/archive/sslmitmiscsrf.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://blogs.iss.net/archive/sslmitmiscsrf.html" }, { "reference_url": "http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during" }, { "reference_url": "http://clicky.me/tlsvuln", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://clicky.me/tlsvuln" }, { "reference_url": "http://extendedsubset.com/?p=8", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://extendedsubset.com/?p=8" }, { "reference_url": "http://extendedsubset.com/Renegotiating_TLS.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://extendedsubset.com/Renegotiating_TLS.pdf" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041" }, { "reference_url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751" }, { "reference_url": "http://kbase.redhat.com/faq/docs/DOC-20491", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://kbase.redhat.com/faq/docs/DOC-20491" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html" }, { "reference_url": "http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html" }, { "reference_url": "http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=126150535619567&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=bugtraq&m=126150535619567&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=127128920008563&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=bugtraq&m=127128920008563&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=127419602507642&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=bugtraq&m=127419602507642&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=132077688910227&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=bugtraq&m=132077688910227&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=133469267822771&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=bugtraq&m=133469267822771&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142660345230545&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=bugtraq&m=142660345230545&w=2" }, { "reference_url": "http://marc.info/?l=cryptography&m=125752275331877&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://marc.info/?l=cryptography&m=125752275331877&w=2" }, { "reference_url": "http://openbsd.org/errata45.html#010_openssl", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://openbsd.org/errata45.html#010_openssl" }, { "reference_url": "http://openbsd.org/errata46.html#004_openssl", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://openbsd.org/errata46.html#004_openssl" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1579", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2009:1579" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1580", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2009:1580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1694", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2009:1694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0011", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0119", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0130", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0155", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0162", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0163", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0164", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0165", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0166", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0167", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0337", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0338", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0339", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0408", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0440", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0768", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0770", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0786", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0807", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0865", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0986", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0986" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0987", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0987" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0880", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2011:0880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1591", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2015:1591" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3555.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3555.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2009-3555", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2009-3555" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3555", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03741", "scoring_system": "epss", "scoring_elements": "0.88206", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3555" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=526689", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=526689" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=545755", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=545755" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125" }, { "reference_url": "https://bz.apache.org/bugzilla/show_bug.cgi?id=50325", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bz.apache.org/bugzilla/show_bug.cgi?id=50325" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049" }, { "reference_url": "http://seclists.org/fulldisclosure/2009/Nov/139", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://seclists.org/fulldisclosure/2009/Nov/139" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200912-01.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://security.gentoo.org/glsa/glsa-200912-01.xml" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201203-22.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://security.gentoo.org/glsa/glsa-201203-22.xml" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201406-32.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54158", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54158" }, { "reference_url": "https://github.com/apache/tomcat", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat" }, { "reference_url": "https://github.com/apache/tomcat55/commit/359c7ee17f5759cc99988e1cc9e971fe4a6ffad5", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat55/commit/359c7ee17f5759cc99988e1cc9e971fe4a6ffad5" }, { "reference_url": "https://github.com/apache/tomcat/commit/14e4efd925da58b9fa63f20969fb7349b8a9c30d", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/14e4efd925da58b9fa63f20969fb7349b8a9c30d" }, { "reference_url": "https://github.com/apache/tomcat/commit/2d4ca03acc27cc883c404d1745d92f983b6fada3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/2d4ca03acc27cc883c404d1745d92f983b6fada3" }, { "reference_url": "https://github.com/apache/tomcat/commit/30af3f5630542a2340781f66553e734a6fd69701", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/30af3f5630542a2340781f66553e734a6fd69701" }, { "reference_url": "https://github.com/apache/tomcat/commit/328a523cbb2a2d4cd55283180614d4e03e2f8f02", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/328a523cbb2a2d4cd55283180614d4e03e2f8f02" }, { "reference_url": "https://github.com/apache/tomcat/commit/3d315ac9dfaa2c03b4df82938d78bf5b755766b3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/3d315ac9dfaa2c03b4df82938d78bf5b755766b3" }, { "reference_url": "https://github.com/apache/tomcat/commit/56f67141e82e16f68a860c3af9b7342da35cbe7d", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/56f67141e82e16f68a860c3af9b7342da35cbe7d" }, { "reference_url": "https://github.com/apache/tomcat/commit/b4e9488629bf03b4b65abf335e536e85386d1366", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/b4e9488629bf03b4b65abf335e536e85386d1366" }, { "reference_url": "https://github.com/apache/tomcat/commit/df9633116b5fec8f47f1f008fb89a6e9d5895cd0", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/df9633116b5fec8f47f1f008fb89a6e9d5895cd0" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" }, { "reference_url": "https://kb.bluecoat.com/index?page=content&id=SA50", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://kb.bluecoat.com/index?page=content&id=SA50" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446" }, { "reference_url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@<dev.tomcat.apache.org>", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@<dev.tomcat.apache.org>" }, { "reference_url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@<dev.tomcat.apache.org>", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@<dev.tomcat.apache.org>" }, { "reference_url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@<dev.tomcat.apache.org>", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@<dev.tomcat.apache.org>" }, { "reference_url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@<dev.tomcat.apache.org>", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@<dev.tomcat.apache.org>" }, { "reference_url": "https://nginx.org/download/patch.cve-2009-3555.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.cve-2009-3555.txt" }, { "reference_url": "https://nginx.org/download/patch.cve-2009-3555.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.cve-2009-3555.txt.asc" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10088", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10088" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11578", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11578" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11617", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11617" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7315", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7315" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7478", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7478" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7973", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7973" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8366", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8366" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8535", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8535" }, { "reference_url": "https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html" }, { "reference_url": "https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt" }, { "reference_url": "https://tomcat.apache.org/security-5.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-5.html" }, { "reference_url": "https://tomcat.apache.org/security-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-6.html" }, { "reference_url": "https://tomcat.apache.org/security-7.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-7.html" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1" }, { "reference_url": "http://support.apple.com/kb/HT4004", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.apple.com/kb/HT4004" }, { "reference_url": "http://support.apple.com/kb/HT4170", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.apple.com/kb/HT4170" }, { "reference_url": "http://support.apple.com/kb/HT4171", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.apple.com/kb/HT4171" }, { "reference_url": "http://support.avaya.com/css/P8/documents/100070150", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.avaya.com/css/P8/documents/100070150" }, { "reference_url": "http://support.avaya.com/css/P8/documents/100081611", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.avaya.com/css/P8/documents/100081611" }, { "reference_url": "http://support.avaya.com/css/P8/documents/100114315", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.avaya.com/css/P8/documents/100114315" }, { "reference_url": "http://support.avaya.com/css/P8/documents/100114327", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.avaya.com/css/P8/documents/100114327" }, { "reference_url": "http://support.citrix.com/article/CTX123359", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.citrix.com/article/CTX123359" }, { "reference_url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES" }, { "reference_url": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html" }, { "reference_url": "http://sysoev.ru/nginx/patch.cve-2009-3555.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://sysoev.ru/nginx/patch.cve-2009-3555.txt" }, { "reference_url": "http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html" }, { "reference_url": "http://ubuntu.com/usn/usn-923-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://ubuntu.com/usn/usn-923-1" }, { "reference_url": "http://wiki.rpath.com/Advisories:rPSA-2009-0155", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0155" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21426108", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21426108" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21432298", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21432298" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg24006386", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24006386" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025312", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025312" }, { "reference_url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only" }, { "reference_url": "http://www.arubanetworks.com/support/alerts/aid-020810.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.arubanetworks.com/support/alerts/aid-020810.txt" }, { "reference_url": "http://www.betanews.com/article/1257452450", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.betanews.com/article/1257452450" }, { "reference_url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml" }, { "reference_url": "http://www.debian.org/security/2009/dsa-1934", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.debian.org/security/2009/dsa-1934" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2141", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.debian.org/security/2011/dsa-2141" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3253", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3253" }, { "reference_url": "http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html" }, { "reference_url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html" }, { "reference_url": "http://www.ietf.org/mail-archive/web/tls/current/msg03928.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.ietf.org/mail-archive/web/tls/current/msg03928.html" }, { "reference_url": "http://www.ietf.org/mail-archive/web/tls/current/msg03948.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.ietf.org/mail-archive/web/tls/current/msg03948.html" }, { "reference_url": "http://www.ingate.com/Relnote.php?ver=481", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.ingate.com/Relnote.php?ver=481" }, { "reference_url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995" }, { "reference_url": "http://www.kb.cert.org/vuls/id/120541", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.kb.cert.org/vuls/id/120541" }, { "reference_url": "http://www.links.org/?p=780", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.links.org/?p=780" }, { "reference_url": "http://www.links.org/?p=786", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.links.org/?p=786" }, { "reference_url": "http://www.links.org/?p=789", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.links.org/?p=789" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:089", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:089" }, { "reference_url": "http://www.mozilla.org/security/announce/2010/mfsa2010-22.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.mozilla.org/security/announce/2010/mfsa2010-22.html" }, { "reference_url": "http://www.openoffice.org/security/cves/CVE-2009-3555.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.openoffice.org/security/cves/CVE-2009-3555.html" }, { "reference_url": "http://www.openssl.org/news/secadv_20091111.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.openssl.org/news/secadv_20091111.txt" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/05/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/05/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/05/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/05/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/06/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/06/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/07/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/07/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/20/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/20/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/23/10", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/23/10" }, { "reference_url": "http://www.opera.com/docs/changelogs/unix/1060", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.opera.com/docs/changelogs/unix/1060" }, { "reference_url": "http://www.opera.com/support/search/view/944", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.opera.com/support/search/view/944" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html" }, { "reference_url": "http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0119.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0119.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0130.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0130.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0155.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0155.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0165.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0165.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0167.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0167.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0807.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0807.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html" }, { "reference_url": "http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html" }, { "reference_url": "http://www.tombom.co.uk/blog/?p=85", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.tombom.co.uk/blog/?p=85" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1010-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.ubuntu.com/usn/USN-1010-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-927-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.ubuntu.com/usn/USN-927-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-927-4", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.ubuntu.com/usn/USN-927-4" }, { "reference_url": "http://www.ubuntu.com/usn/USN-927-5", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.ubuntu.com/usn/USN-927-5" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" }, { "reference_url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0032", "reference_id": "0032", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2011/0032" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0033", "reference_id": "0033", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2011/0033" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0086", "reference_id": "0086", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/0086" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0086", "reference_id": "0086", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2011/0086" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0173", "reference_id": "0173", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/0173" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0748", "reference_id": "0748", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/0748" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0848", "reference_id": "0848", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/0848" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0916", "reference_id": "0916", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/0916" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0933", "reference_id": "0933", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/0933" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0982", "reference_id": "0982", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/0982" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0994", "reference_id": "0994", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/0994" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1054", "reference_id": "1054", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/1054" }, { "reference_url": "http://www.opera.com/docs/changelogs/unix/1060/", "reference_id": "1060", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.opera.com/docs/changelogs/unix/1060/" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1191", "reference_id": "1191", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/1191" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1350", "reference_id": "1350", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/1350" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1639", "reference_id": "1639", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/1639" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1673", "reference_id": "1673", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/1673" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1793", "reference_id": "1793", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/1793" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/2010", "reference_id": "2010", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/2010" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/2745", "reference_id": "2745", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/2745" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3069", "reference_id": "3069", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/3069" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3086", "reference_id": "3086", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/3086" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3126", "reference_id": "3126", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/3126" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3164", "reference_id": "3164", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3164" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3165", "reference_id": "3165", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3165" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3205", "reference_id": "3205", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3205" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3220", "reference_id": "3220", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3220" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3310", "reference_id": "3310", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3310" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3313", "reference_id": "3313", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3313" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3353", "reference_id": "3353", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3353" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3354", "reference_id": "3354", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3354" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3484", "reference_id": "3484", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3484" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3521", "reference_id": "3521", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3521" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3587", "reference_id": "3587", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3587" }, { "reference_url": "http://www.securityfocus.com/bid/36935", "reference_id": "36935", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securityfocus.com/bid/36935" }, { "reference_url": "http://secunia.com/advisories/37291", "reference_id": "37291", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37291" }, { "reference_url": "http://secunia.com/advisories/37292", "reference_id": "37292", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37292" }, { "reference_url": "http://secunia.com/advisories/37320", "reference_id": "37320", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37320" }, { "reference_url": "http://secunia.com/advisories/37383", "reference_id": "37383", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37383" }, { "reference_url": "http://secunia.com/advisories/37399", "reference_id": "37399", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37399" }, { "reference_url": "http://secunia.com/advisories/37453", "reference_id": "37453", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37453" }, { "reference_url": "http://secunia.com/advisories/37501", "reference_id": "37501", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37501" }, { "reference_url": "http://secunia.com/advisories/37504", "reference_id": "37504", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37504" }, { "reference_url": "http://secunia.com/advisories/37604", "reference_id": "37604", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37604" }, { "reference_url": "http://secunia.com/advisories/37640", "reference_id": "37640", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37640" }, { "reference_url": "http://secunia.com/advisories/37656", "reference_id": "37656", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37656" }, { "reference_url": "http://secunia.com/advisories/37675", "reference_id": "37675", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37675" }, { "reference_url": "http://secunia.com/advisories/37859", "reference_id": "37859", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/37859" }, { "reference_url": "http://secunia.com/advisories/38003", "reference_id": "38003", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/38003" }, { "reference_url": "http://secunia.com/advisories/38020", "reference_id": "38020", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/38020" }, { "reference_url": "http://secunia.com/advisories/38056", "reference_id": "38056", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/38056" }, { "reference_url": "http://secunia.com/advisories/38241", "reference_id": "38241", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/38241" }, { "reference_url": "http://secunia.com/advisories/38484", "reference_id": "38484", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/38484" }, { "reference_url": "http://secunia.com/advisories/38687", "reference_id": "38687", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/38687" }, { "reference_url": "http://secunia.com/advisories/38781", "reference_id": "38781", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/38781" }, { "reference_url": "http://secunia.com/advisories/39127", "reference_id": "39127", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39127" }, { "reference_url": "http://secunia.com/advisories/39136", "reference_id": "39136", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39136" }, { "reference_url": "http://secunia.com/advisories/39242", "reference_id": "39242", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39242" }, { "reference_url": "http://secunia.com/advisories/39243", "reference_id": "39243", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39243" }, { "reference_url": "http://secunia.com/advisories/39278", "reference_id": "39278", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39278" }, { "reference_url": "http://secunia.com/advisories/39292", "reference_id": "39292", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39292" }, { "reference_url": "http://secunia.com/advisories/39317", "reference_id": "39317", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39317" }, { "reference_url": "http://secunia.com/advisories/39461", "reference_id": "39461", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39461" }, { "reference_url": "http://secunia.com/advisories/39500", "reference_id": "39500", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39500" }, { "reference_url": "http://secunia.com/advisories/39628", "reference_id": "39628", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39628" }, { "reference_url": "http://secunia.com/advisories/39632", "reference_id": "39632", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39632" }, { "reference_url": "http://secunia.com/advisories/39713", "reference_id": "39713", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39713" }, { "reference_url": "http://secunia.com/advisories/39819", "reference_id": "39819", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/39819" }, { "reference_url": "http://secunia.com/advisories/40070", "reference_id": "40070", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/40070" }, { "reference_url": "http://secunia.com/advisories/40545", "reference_id": "40545", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/40545" }, { "reference_url": "http://secunia.com/advisories/40747", "reference_id": "40747", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/40747" }, { "reference_url": "http://secunia.com/advisories/40866", "reference_id": "40866", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/40866" }, { "reference_url": "http://secunia.com/advisories/41480", "reference_id": "41480", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/41480" }, { "reference_url": "http://secunia.com/advisories/41490", "reference_id": "41490", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/41490" }, { "reference_url": "http://secunia.com/advisories/41818", "reference_id": "41818", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/41818" }, { "reference_url": "http://secunia.com/advisories/41967", "reference_id": "41967", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/41967" }, { "reference_url": "http://secunia.com/advisories/41972", "reference_id": "41972", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/41972" }, { "reference_url": "http://secunia.com/advisories/42377", "reference_id": "42377", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/42377" }, { "reference_url": "http://secunia.com/advisories/42379", "reference_id": "42379", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/42379" }, { "reference_url": "http://secunia.com/advisories/42467", "reference_id": "42467", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/42467" }, { "reference_url": "http://secunia.com/advisories/42724", "reference_id": "42724", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/42724" }, { "reference_url": "http://secunia.com/advisories/42733", "reference_id": "42733", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/42733" }, { "reference_url": "http://secunia.com/advisories/42808", "reference_id": "42808", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/42808" }, { "reference_url": "http://secunia.com/advisories/42811", "reference_id": "42811", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/42811" }, { "reference_url": "http://secunia.com/advisories/42816", "reference_id": "42816", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/42816" }, { "reference_url": "http://secunia.com/advisories/43308", "reference_id": "43308", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/43308" }, { "reference_url": "http://secunia.com/advisories/44954", "reference_id": "44954", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/44954" }, { "reference_url": "http://secunia.com/advisories/48577", "reference_id": "48577", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://secunia.com/advisories/48577" }, { "reference_url": "http://www.securityfocus.com/archive/1/522176", "reference_id": "522176", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securityfocus.com/archive/1/522176" }, { "reference_url": "http://osvdb.org/60521", "reference_id": "60521", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://osvdb.org/60521" }, { "reference_url": "http://osvdb.org/60972", "reference_id": "60972", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://osvdb.org/60972" }, { "reference_url": "http://osvdb.org/62210", "reference_id": "62210", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://osvdb.org/62210" }, { "reference_url": "http://osvdb.org/65202", "reference_id": "65202", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://osvdb.org/65202" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765649", "reference_id": "765649", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765649" }, { "reference_url": "http://www.opera.com/support/search/view/944/", "reference_id": "944", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.opera.com/support/search/view/944/" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555", "reference_id": "CVE-2009-3555", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10579.py", "reference_id": "CVE-2009-3555", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10579.py" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10071.txt", "reference_id": "CVE-2009-3555;OSVDB-59970", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10071.txt" }, { "reference_url": "https://www.securityfocus.com/bid/35888/info", "reference_id": "CVE-2009-3555;OSVDB-59970", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/35888/info" }, { "reference_url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E", "reference_id": "f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://github.com/advisories/GHSA-f7w7-6pjc-wwm6", "reference_id": "GHSA-f7w7-6pjc-wwm6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f7w7-6pjc-wwm6" }, { "reference_url": "https://security.gentoo.org/glsa/200912-01", "reference_id": "GLSA-200912-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200912-01" }, { "reference_url": "https://security.gentoo.org/glsa/201006-18", "reference_id": "GLSA-201006-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201006-18" }, { "reference_url": "https://security.gentoo.org/glsa/201110-05", "reference_id": "GLSA-201110-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-05" }, { "reference_url": "https://security.gentoo.org/glsa/201203-22", "reference_id": "GLSA-201203-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-22" }, { "reference_url": "https://security.gentoo.org/glsa/201206-18", "reference_id": "GLSA-201206-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-18" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://security.gentoo.org/glsa/201309-15", "reference_id": "GLSA-201309-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-15" }, { "reference_url": "https://security.gentoo.org/glsa/201311-13", "reference_id": "GLSA-201311-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-13" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "http://securitytracker.com/id?1023148", "reference_id": "id?1023148", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://securitytracker.com/id?1023148" }, { "reference_url": "http://www.securitytracker.com/id?1023163", "reference_id": "id?1023163", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023163" }, { "reference_url": "http://www.securitytracker.com/id?1023204", "reference_id": "id?1023204", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023204" }, { "reference_url": "http://www.securitytracker.com/id?1023205", "reference_id": "id?1023205", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023205" }, { "reference_url": "http://www.securitytracker.com/id?1023206", "reference_id": "id?1023206", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023206" }, { "reference_url": "http://www.securitytracker.com/id?1023207", "reference_id": "id?1023207", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023207" }, { "reference_url": "http://www.securitytracker.com/id?1023208", "reference_id": "id?1023208", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023208" }, { "reference_url": "http://www.securitytracker.com/id?1023209", "reference_id": "id?1023209", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023209" }, { "reference_url": "http://www.securitytracker.com/id?1023210", "reference_id": "id?1023210", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023210" }, { "reference_url": "http://www.securitytracker.com/id?1023211", "reference_id": "id?1023211", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023211" }, { "reference_url": "http://www.securitytracker.com/id?1023212", "reference_id": "id?1023212", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023212" }, { "reference_url": "http://www.securitytracker.com/id?1023213", "reference_id": "id?1023213", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023213" }, { "reference_url": "http://www.securitytracker.com/id?1023214", "reference_id": "id?1023214", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023214" }, { "reference_url": "http://www.securitytracker.com/id?1023215", "reference_id": "id?1023215", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023215" }, { "reference_url": "http://www.securitytracker.com/id?1023216", "reference_id": "id?1023216", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023216" }, { "reference_url": "http://www.securitytracker.com/id?1023217", "reference_id": "id?1023217", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023217" }, { "reference_url": "http://www.securitytracker.com/id?1023218", "reference_id": "id?1023218", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023218" }, { "reference_url": "http://www.securitytracker.com/id?1023219", "reference_id": "id?1023219", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023219" }, { "reference_url": "http://www.securitytracker.com/id?1023224", "reference_id": "id?1023224", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023224" }, { "reference_url": "http://www.securitytracker.com/id?1023243", "reference_id": "id?1023243", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023243" }, { "reference_url": "http://www.securitytracker.com/id?1023270", "reference_id": "id?1023270", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023270" }, { "reference_url": "http://www.securitytracker.com/id?1023271", "reference_id": "id?1023271", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023271" }, { "reference_url": "http://www.securitytracker.com/id?1023272", "reference_id": "id?1023272", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023272" }, { "reference_url": "http://www.securitytracker.com/id?1023273", "reference_id": "id?1023273", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023273" }, { "reference_url": "http://www.securitytracker.com/id?1023274", "reference_id": "id?1023274", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023274" }, { "reference_url": "http://www.securitytracker.com/id?1023275", "reference_id": "id?1023275", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023275" }, { "reference_url": "http://www.securitytracker.com/id?1023411", "reference_id": "id?1023411", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023411" }, { "reference_url": "http://www.securitytracker.com/id?1023426", "reference_id": "id?1023426", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023426" }, { "reference_url": "http://www.securitytracker.com/id?1023427", "reference_id": "id?1023427", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023427" }, { "reference_url": "http://www.securitytracker.com/id?1023428", "reference_id": "id?1023428", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1023428" }, { "reference_url": "http://www.securitytracker.com/id?1024789", "reference_id": "id?1024789", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securitytracker.com/id?1024789" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-22", "reference_id": "mfsa2010-22", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-22" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A10088", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A11578", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A11617", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A7315", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A7478", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A7973", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A8366", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A8535", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535" }, { "reference_url": "http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html", "reference_id": "plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html" }, { "reference_url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E", "reference_id": "re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "http://www.securityfocus.com/archive/1/507952/100/0/threaded", "reference_id": "threaded", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securityfocus.com/archive/1/507952/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/508075/100/0/threaded", "reference_id": "threaded", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securityfocus.com/archive/1/508075/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/508130/100/0/threaded", "reference_id": "threaded", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securityfocus.com/archive/1/508130/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/515055/100/0/threaded", "reference_id": "threaded", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securityfocus.com/archive/1/515055/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded", "reference_id": "threaded", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/" } ], "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded" }, { "reference_url": "https://usn.ubuntu.com/1010-1/", "reference_id": "USN-1010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1010-1/" }, { "reference_url": "https://usn.ubuntu.com/860-1/", "reference_id": "USN-860-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/860-1/" }, { "reference_url": "https://usn.ubuntu.com/923-1/", "reference_id": "USN-923-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/923-1/" }, { "reference_url": "https://usn.ubuntu.com/927-1/", "reference_id": "USN-927-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/927-1/" }, { "reference_url": "https://usn.ubuntu.com/927-4/", "reference_id": "USN-927-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/927-4/" }, { "reference_url": "https://usn.ubuntu.com/927-6/", "reference_id": "USN-927-6", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/927-6/" }, { "reference_url": "https://usn.ubuntu.com/990-1/", "reference_id": "USN-990-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/990-1/" }, { "reference_url": "https://usn.ubuntu.com/990-2/", "reference_id": "USN-990-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/990-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/355153?format=api", "purl": "pkg:deb/debian/nss@3.12.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@3.12.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355149?format=api", "purl": "pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355147?format=api", "purl": "pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2tdh-tupa-23en" }, { "vulnerability": "VCID-5dqq-xwr4-pbfv" }, { "vulnerability": "VCID-7vub-2tme-ffbs" }, { "vulnerability": "VCID-gxau-xxpj-fufj" }, { "vulnerability": "VCID-jd6h-m6sm-xqbt" }, { "vulnerability": "VCID-mg3r-rr93-zuen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355152?format=api", "purl": "pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355150?format=api", "purl": "pkg:deb/debian/nss@2:3.123.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/355151?format=api", "purl": "pkg:deb/debian/nss@2:3.124-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-3555", "GHSA-f7w7-6pjc-wwm6", "VU#120541" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-znvx-aqbr-2yck" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie" }