Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/nss@3.13.4-1?distro=trixie

Type deb

Namespace debian

Name nss

Version 3.13.4-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2:3.14.3-1

Latest_non_vulnerable_version 2:3.124-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-2b7j-hzma-nbfb

vulnerability_id VCID-2b7j-hzma-nbfb

summary

Security researcher Kaspar Brand found a flaw in how the
Network Security Services (NSS) ASN.1 decoder handles zero length items. Effects
of this issue depend on the field. One known symptom is an unexploitable crash
in handling OCSP responses. NSS also mishandles zero-length basic constraints,
assuming default values for some types that should be rejected as malformed.
These issues have been addressed in NSS 3.13.4, which is now being used by
Mozilla.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0441.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0441.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0441

reference_id

reference_type

scores

value	0.03581
scoring_system	epss
scoring_elements	0.8794
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0441

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=827833
reference_id	827833
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=827833

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0441
reference_id	CVE-2012-0441
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0441

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2012-39

reference_id

mfsa2012-39

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2012-39

reference_url	https://access.redhat.com/errata/RHSA-2012:1090
reference_id	RHSA-2012:1090
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:1090

reference_url	https://access.redhat.com/errata/RHSA-2012:1091
reference_id	RHSA-2012:1091
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:1091

reference_url	https://usn.ubuntu.com/1463-1/
reference_id	USN-1463-1
reference_type
scores
url	https://usn.ubuntu.com/1463-1/

reference_url	https://usn.ubuntu.com/1463-4/
reference_id	USN-1463-4
reference_type
scores
url	https://usn.ubuntu.com/1463-4/

reference_url	https://usn.ubuntu.com/1463-6/
reference_id	USN-1463-6
reference_type
scores
url	https://usn.ubuntu.com/1463-6/

reference_url	https://usn.ubuntu.com/1540-1/
reference_id	USN-1540-1
reference_type
scores
url	https://usn.ubuntu.com/1540-1/

reference_url	https://usn.ubuntu.com/1540-2/
reference_id	USN-1540-2
reference_type
scores
url	https://usn.ubuntu.com/1540-2/

fixed_packages

url	pkg:deb/debian/nss@3.13.4-1?distro=trixie
purl	pkg:deb/debian/nss@3.13.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@3.13.4-1%3Fdistro=trixie

url pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2tdh-tupa-23en

vulnerability	VCID-5dqq-xwr4-pbfv

vulnerability	VCID-gxau-xxpj-fufj

vulnerability	VCID-jd6h-m6sm-xqbt

vulnerability	VCID-mg3r-rr93-zuen

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2tdh-tupa-23en

vulnerability	VCID-5dqq-xwr4-pbfv

vulnerability	VCID-7vub-2tme-ffbs

vulnerability	VCID-gxau-xxpj-fufj

vulnerability	VCID-jd6h-m6sm-xqbt

vulnerability	VCID-mg3r-rr93-zuen

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.123.1-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.123.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.124-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.124-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie

aliases CVE-2012-0441

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2b7j-hzma-nbfb

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@3.13.4-1%3Fdistro=trixie

Package Instance