Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/nss@2:3.73-1?distro=trixie

Type deb

Namespace debian

Name nss

Version 2:3.73-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2:3.87-1

Latest_non_vulnerable_version 2:3.124-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-73hk-8ry1-cfdf

vulnerability_id VCID-73hk-8ry1-cfdf

summary After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22747.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22747.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-22747

reference_id

reference_type

scores

value	0.00146
scoring_system	epss
scoring_elements	0.34673
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-22747

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2039572
reference_id	2039572
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2039572

reference_url	https://security.gentoo.org/glsa/202202-03
reference_id	GLSA-202202-03
reference_type
scores
url	https://security.gentoo.org/glsa/202202-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-01

reference_id

mfsa2022-01

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-01

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-01/

reference_id

mfsa2022-01

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:04:07Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-01/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-02

reference_id

mfsa2022-02

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-02

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-02/

reference_id

mfsa2022-02

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:04:07Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-02/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-03

reference_id

mfsa2022-03

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-03

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-03/

reference_id

mfsa2022-03

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:04:07Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-03/

reference_url	https://access.redhat.com/errata/RHSA-2022:0123
reference_id	RHSA-2022:0123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0123

reference_url	https://access.redhat.com/errata/RHSA-2022:0124
reference_id	RHSA-2022:0124
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0124

reference_url	https://access.redhat.com/errata/RHSA-2022:0125
reference_id	RHSA-2022:0125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0125

reference_url	https://access.redhat.com/errata/RHSA-2022:0126
reference_id	RHSA-2022:0126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0126

reference_url	https://access.redhat.com/errata/RHSA-2022:0127
reference_id	RHSA-2022:0127
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0127

reference_url	https://access.redhat.com/errata/RHSA-2022:0128
reference_id	RHSA-2022:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0128

reference_url	https://access.redhat.com/errata/RHSA-2022:0129
reference_id	RHSA-2022:0129
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0129

reference_url	https://access.redhat.com/errata/RHSA-2022:0130
reference_id	RHSA-2022:0130
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0130

reference_url	https://access.redhat.com/errata/RHSA-2022:0131
reference_id	RHSA-2022:0131
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0131

reference_url	https://access.redhat.com/errata/RHSA-2022:0132
reference_id	RHSA-2022:0132
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0132

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1735028

reference_id

show_bug.cgi?id=1735028

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:04:07Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1735028

reference_url	https://usn.ubuntu.com/5229-1/
reference_id	USN-5229-1
reference_type
scores
url	https://usn.ubuntu.com/5229-1/

reference_url	https://usn.ubuntu.com/5246-1/
reference_id	USN-5246-1
reference_type
scores
url	https://usn.ubuntu.com/5246-1/

reference_url	https://usn.ubuntu.com/5248-1/
reference_id	USN-5248-1
reference_type
scores
url	https://usn.ubuntu.com/5248-1/

reference_url	https://usn.ubuntu.com/5506-1/
reference_id	USN-5506-1
reference_type
scores
url	https://usn.ubuntu.com/5506-1/

reference_url	https://usn.ubuntu.com/5872-1/
reference_id	USN-5872-1
reference_type
scores
url	https://usn.ubuntu.com/5872-1/

fixed_packages

url	pkg:deb/debian/nss@2:3.61-1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/nss@2:3.61-1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2tdh-tupa-23en

vulnerability	VCID-5dqq-xwr4-pbfv

vulnerability	VCID-gxau-xxpj-fufj

vulnerability	VCID-jd6h-m6sm-xqbt

vulnerability	VCID-mg3r-rr93-zuen

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.73-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.73-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.73-1%3Fdistro=trixie

url pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2tdh-tupa-23en

vulnerability	VCID-5dqq-xwr4-pbfv

vulnerability	VCID-7vub-2tme-ffbs

vulnerability	VCID-gxau-xxpj-fufj

vulnerability	VCID-jd6h-m6sm-xqbt

vulnerability	VCID-mg3r-rr93-zuen

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.123.1-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.123.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.124-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.124-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie

aliases CVE-2022-22747

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-73hk-8ry1-cfdf

url VCID-cg71-bce4-n3cm

vulnerability_id VCID-cg71-bce4-n3cm

summary NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. *Note: This vulnerability does NOT impact Mozilla Firefox.* However, email clients and PDF viewers that use NSS for signature verification, such as Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43527.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43527.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43527

reference_id

reference_type

scores

value	0.05243
scoring_system	epss
scoring_elements	0.90112
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43527

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43527
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43527

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2024370
reference_id	2024370
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2024370

reference_url	https://security.archlinux.org/ASA-202112-3
reference_id	ASA-202112-3
reference_type
scores
url	https://security.archlinux.org/ASA-202112-3

reference_url	https://security.archlinux.org/ASA-202112-4
reference_id	ASA-202112-4
reference_type
scores
url	https://security.archlinux.org/ASA-202112-4

reference_url

https://security.archlinux.org/AVG-2596

reference_id

AVG-2596

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2596

reference_url

https://security.archlinux.org/AVG-2597

reference_id

AVG-2597

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2597

reference_url	https://security.gentoo.org/glsa/202212-05
reference_id	GLSA-202212-05
reference_type
scores
url	https://security.gentoo.org/glsa/202212-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-51

reference_id

mfsa2021-51

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-51

reference_url	https://access.redhat.com/errata/RHSA-2021:4903
reference_id	RHSA-2021:4903
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4903

reference_url	https://access.redhat.com/errata/RHSA-2021:4904
reference_id	RHSA-2021:4904
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4904

reference_url	https://access.redhat.com/errata/RHSA-2021:4907
reference_id	RHSA-2021:4907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4907

reference_url	https://access.redhat.com/errata/RHSA-2021:4909
reference_id	RHSA-2021:4909
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4909

reference_url	https://access.redhat.com/errata/RHSA-2021:4919
reference_id	RHSA-2021:4919
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4919

reference_url	https://access.redhat.com/errata/RHSA-2021:4932
reference_id	RHSA-2021:4932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4932

reference_url	https://access.redhat.com/errata/RHSA-2021:4933
reference_id	RHSA-2021:4933
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4933

reference_url	https://access.redhat.com/errata/RHSA-2021:4946
reference_id	RHSA-2021:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4946

reference_url	https://access.redhat.com/errata/RHSA-2021:4953
reference_id	RHSA-2021:4953
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4953

reference_url	https://access.redhat.com/errata/RHSA-2021:4954
reference_id	RHSA-2021:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4954

reference_url	https://access.redhat.com/errata/RHSA-2021:4969
reference_id	RHSA-2021:4969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4969

reference_url	https://access.redhat.com/errata/RHSA-2021:4994
reference_id	RHSA-2021:4994
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4994

reference_url	https://access.redhat.com/errata/RHSA-2021:5006
reference_id	RHSA-2021:5006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5006

reference_url	https://access.redhat.com/errata/RHSA-2021:5035
reference_id	RHSA-2021:5035
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5035

reference_url	https://usn.ubuntu.com/5168-1/
reference_id	USN-5168-1
reference_type
scores
url	https://usn.ubuntu.com/5168-1/

reference_url	https://usn.ubuntu.com/5168-2/
reference_id	USN-5168-2
reference_type
scores
url	https://usn.ubuntu.com/5168-2/

reference_url	https://usn.ubuntu.com/5168-3/
reference_id	USN-5168-3
reference_type
scores
url	https://usn.ubuntu.com/5168-3/

reference_url	https://usn.ubuntu.com/5168-4/
reference_id	USN-5168-4
reference_type
scores
url	https://usn.ubuntu.com/5168-4/

fixed_packages

url	pkg:deb/debian/nss@2:3.61-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/nss@2:3.61-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2tdh-tupa-23en

vulnerability	VCID-5dqq-xwr4-pbfv

vulnerability	VCID-gxau-xxpj-fufj

vulnerability	VCID-jd6h-m6sm-xqbt

vulnerability	VCID-mg3r-rr93-zuen

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.73-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.73-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.73-1%3Fdistro=trixie

url pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2tdh-tupa-23en

vulnerability	VCID-5dqq-xwr4-pbfv

vulnerability	VCID-7vub-2tme-ffbs

vulnerability	VCID-gxau-xxpj-fufj

vulnerability	VCID-jd6h-m6sm-xqbt

vulnerability	VCID-mg3r-rr93-zuen

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.123.1-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.123.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.124-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.124-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie

aliases CVE-2021-43527

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cg71-bce4-n3cm

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.73-1%3Fdistro=trixie

Package Instance