Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/openssl@0?arch=s390x&distroversion=v3.20&reponame=main
Typeapk
Namespacealpine
Nameopenssl
Version0
Qualifiers
arch s390x
distroversion v3.20
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.1.1a-r0
Latest_non_vulnerable_version3.3.7-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-95ub-7a6n-afdg
vulnerability_id VCID-95ub-7a6n-afdg
summary openssl: the c_rehash script allows command injection
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2068.json
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2068.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2068
reference_id
reference_type
scores
0
value 0.1858
scoring_system epss
scoring_elements 0.95258
published_at 2026-04-13T12:55:00Z
1
value 0.1858
scoring_system epss
scoring_elements 0.95233
published_at 2026-04-02T12:55:00Z
2
value 0.1858
scoring_system epss
scoring_elements 0.95235
published_at 2026-04-04T12:55:00Z
3
value 0.1858
scoring_system epss
scoring_elements 0.95239
published_at 2026-04-07T12:55:00Z
4
value 0.1858
scoring_system epss
scoring_elements 0.95247
published_at 2026-04-08T12:55:00Z
5
value 0.1858
scoring_system epss
scoring_elements 0.9525
published_at 2026-04-09T12:55:00Z
6
value 0.1858
scoring_system epss
scoring_elements 0.95255
published_at 2026-04-11T12:55:00Z
7
value 0.1858
scoring_system epss
scoring_elements 0.95256
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2068
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa
reference_id
reference_type
scores
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa
5
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9
reference_id
reference_type
scores
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9
6
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7
reference_id
reference_type
scores
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7
7
reference_url https://www.openssl.org/news/secadv/20220621.txt
reference_id 20220621.txt
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:34Z/
url https://www.openssl.org/news/secadv/20220621.txt
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2097310
reference_id 2097310
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2097310
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/
reference_id 6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:34Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/
10
reference_url https://security.archlinux.org/AVG-2765
reference_id AVG-2765
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2765
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-2068
reference_id CVE-2022-2068
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-2068
12
reference_url https://www.debian.org/security/2022/dsa-5169
reference_id dsa-5169
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:34Z/
url https://www.debian.org/security/2022/dsa-5169
13
reference_url https://security.netapp.com/advisory/ntap-20220707-0008/
reference_id ntap-20220707-0008
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:34Z/
url https://security.netapp.com/advisory/ntap-20220707-0008/
14
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfa
reference_id ?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfa
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:34Z/
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfa
15
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9
reference_id ?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:34Z/
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9
16
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7
reference_id ?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:34Z/
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7
17
reference_url https://access.redhat.com/errata/RHSA-2022:5818
reference_id RHSA-2022:5818
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5818
18
reference_url https://access.redhat.com/errata/RHSA-2022:6224
reference_id RHSA-2022:6224
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6224
19
reference_url https://access.redhat.com/errata/RHSA-2022:8840
reference_id RHSA-2022:8840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8840
20
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
21
reference_url https://access.redhat.com/errata/RHSA-2022:8913
reference_id RHSA-2022:8913
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8913
22
reference_url https://access.redhat.com/errata/RHSA-2022:8917
reference_id RHSA-2022:8917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8917
23
reference_url https://access.redhat.com/errata/RHSA-2023:5931
reference_id RHSA-2023:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5931
24
reference_url https://access.redhat.com/errata/RHSA-2023:5979
reference_id RHSA-2023:5979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5979
25
reference_url https://access.redhat.com/errata/RHSA-2023:5980
reference_id RHSA-2023:5980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5980
26
reference_url https://access.redhat.com/errata/RHSA-2023:5982
reference_id RHSA-2023:5982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5982
27
reference_url https://access.redhat.com/errata/RHSA-2023:6818
reference_id RHSA-2023:6818
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6818
28
reference_url https://usn.ubuntu.com/5488-1/
reference_id USN-5488-1
reference_type
scores
url https://usn.ubuntu.com/5488-1/
29
reference_url https://usn.ubuntu.com/5488-2/
reference_id USN-5488-2
reference_type
scores
url https://usn.ubuntu.com/5488-2/
30
reference_url https://usn.ubuntu.com/6457-1/
reference_id USN-6457-1
reference_type
scores
url https://usn.ubuntu.com/6457-1/
31
reference_url https://usn.ubuntu.com/7018-1/
reference_id USN-7018-1
reference_type
scores
url https://usn.ubuntu.com/7018-1/
32
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/
reference_id VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:34Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/
fixed_packages
0
url pkg:apk/alpine/openssl@0?arch=s390x&distroversion=v3.20&reponame=main
purl pkg:apk/alpine/openssl@0?arch=s390x&distroversion=v3.20&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@0%3Farch=s390x&distroversion=v3.20&reponame=main
aliases CVE-2022-2068
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-95ub-7a6n-afdg
1
url VCID-99xj-17z4-1qhe
vulnerability_id VCID-99xj-17z4-1qhe
summary 
openssl-src heap memory corruption with RSA private key operation
The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2274.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2274.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2274
reference_id
reference_type
scores
0
value 0.439
scoring_system epss
scoring_elements 0.97532
published_at 2026-04-13T12:55:00Z
1
value 0.439
scoring_system epss
scoring_elements 0.97514
published_at 2026-04-02T12:55:00Z
2
value 0.439
scoring_system epss
scoring_elements 0.97531
published_at 2026-04-12T12:55:00Z
3
value 0.439
scoring_system epss
scoring_elements 0.97529
published_at 2026-04-11T12:55:00Z
4
value 0.439
scoring_system epss
scoring_elements 0.97526
published_at 2026-04-09T12:55:00Z
5
value 0.439
scoring_system epss
scoring_elements 0.97525
published_at 2026-04-08T12:55:00Z
6
value 0.439
scoring_system epss
scoring_elements 0.97519
published_at 2026-04-07T12:55:00Z
7
value 0.439
scoring_system epss
scoring_elements 0.97517
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2274
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/openssl/openssl/issues/18625
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/openssl/openssl/issues/18625
4
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4d8a88c134df634ba610ff8db1eb8478ac5fd345
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4d8a88c134df634ba610ff8db1eb8478ac5fd345
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-2274
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-2274
6
reference_url https://rustsec.org/advisories/RUSTSEC-2022-0033.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://rustsec.org/advisories/RUSTSEC-2022-0033.html
7
reference_url https://security.netapp.com/advisory/ntap-20220715-0010
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220715-0010
8
reference_url https://security.netapp.com/advisory/ntap-20220715-0010/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220715-0010/
9
reference_url https://www.openssl.org/news/secadv/20220705.txt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.openssl.org/news/secadv/20220705.txt
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013441
reference_id 1013441
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013441
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2102943
reference_id 2102943
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2102943
12
reference_url https://github.com/advisories/GHSA-735f-pg76-fxc4
reference_id GHSA-735f-pg76-fxc4
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-735f-pg76-fxc4
fixed_packages
0
url pkg:apk/alpine/openssl@0?arch=s390x&distroversion=v3.20&reponame=main
purl pkg:apk/alpine/openssl@0?arch=s390x&distroversion=v3.20&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@0%3Farch=s390x&distroversion=v3.20&reponame=main
aliases CVE-2022-2274, GHSA-735f-pg76-fxc4
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-99xj-17z4-1qhe
2
url VCID-hjgb-ch1w-nbfs
vulnerability_id VCID-hjgb-ch1w-nbfs
summary 
Improper Certificate Validation
The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0466.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0466.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0466
reference_id
reference_type
scores
0
value 0.00711
scoring_system epss
scoring_elements 0.72206
published_at 2026-04-02T12:55:00Z
1
value 0.00711
scoring_system epss
scoring_elements 0.72242
published_at 2026-04-13T12:55:00Z
2
value 0.00711
scoring_system epss
scoring_elements 0.72226
published_at 2026-04-04T12:55:00Z
3
value 0.00711
scoring_system epss
scoring_elements 0.72201
published_at 2026-04-07T12:55:00Z
4
value 0.00711
scoring_system epss
scoring_elements 0.72238
published_at 2026-04-08T12:55:00Z
5
value 0.00711
scoring_system epss
scoring_elements 0.7225
published_at 2026-04-09T12:55:00Z
6
value 0.00711
scoring_system epss
scoring_elements 0.72272
published_at 2026-04-11T12:55:00Z
7
value 0.00711
scoring_system epss
scoring_elements 0.72256
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0466
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T17:11:17Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a
8
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T17:11:17Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908
9
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T17:11:17Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72
10
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T17:11:17Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061
11
reference_url https://www.openssl.org/news/secadv/20230328.txt
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T17:11:17Z/
url https://www.openssl.org/news/secadv/20230328.txt
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034720
reference_id 1034720
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034720
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2182565
reference_id 2182565
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2182565
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0466
reference_id CVE-2023-0466
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-0466
15
reference_url https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html
reference_id msg00011.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T17:11:17Z/
url https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html
16
reference_url https://security.netapp.com/advisory/ntap-20230414-0001/
reference_id ntap-20230414-0001
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T17:11:17Z/
url https://security.netapp.com/advisory/ntap-20230414-0001/
17
reference_url https://access.redhat.com/errata/RHSA-2023:3722
reference_id RHSA-2023:3722
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3722
18
reference_url https://access.redhat.com/errata/RHSA-2023:7622
reference_id RHSA-2023:7622
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7622
19
reference_url https://access.redhat.com/errata/RHSA-2023:7623
reference_id RHSA-2023:7623
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7623
20
reference_url https://access.redhat.com/errata/RHSA-2023:7625
reference_id RHSA-2023:7625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7625
21
reference_url https://access.redhat.com/errata/RHSA-2023:7626
reference_id RHSA-2023:7626
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7626
22
reference_url https://usn.ubuntu.com/6039-1/
reference_id USN-6039-1
reference_type
scores
url https://usn.ubuntu.com/6039-1/
23
reference_url https://usn.ubuntu.com/7894-1/
reference_id USN-7894-1
reference_type
scores
url https://usn.ubuntu.com/7894-1/
fixed_packages
0
url pkg:apk/alpine/openssl@0?arch=s390x&distroversion=v3.20&reponame=main
purl pkg:apk/alpine/openssl@0?arch=s390x&distroversion=v3.20&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@0%3Farch=s390x&distroversion=v3.20&reponame=main
aliases CVE-2023-0466
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hjgb-ch1w-nbfs
3
url VCID-q2ae-5r8q-3fbv
vulnerability_id VCID-q2ae-5r8q-3fbv
summary 
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The `c_rehash` script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the `c_rehash` script is considered obsolete and should be replaced by the OpenSSL `rehash` command line tool.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1292.json
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1292.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-1292
reference_id
reference_type
scores
0
value 0.38986
scoring_system epss
scoring_elements 0.97271
published_at 2026-04-13T12:55:00Z
1
value 0.38986
scoring_system epss
scoring_elements 0.97246
published_at 2026-04-01T12:55:00Z
2
value 0.38986
scoring_system epss
scoring_elements 0.9727
published_at 2026-04-12T12:55:00Z
3
value 0.38986
scoring_system epss
scoring_elements 0.97265
published_at 2026-04-08T12:55:00Z
4
value 0.38986
scoring_system epss
scoring_elements 0.97258
published_at 2026-04-07T12:55:00Z
5
value 0.38986
scoring_system epss
scoring_elements 0.97252
published_at 2026-04-02T12:55:00Z
6
value 0.38986
scoring_system epss
scoring_elements 0.97269
published_at 2026-04-11T12:55:00Z
7
value 0.38986
scoring_system epss
scoring_elements 0.97266
published_at 2026-04-09T12:55:00Z
8
value 0.38986
scoring_system epss
scoring_elements 0.97257
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-1292
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2
reference_id
reference_type
scores
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2
5
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb
reference_id
reference_type
scores
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb
6
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23
reference_id
reference_type
scores
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23
7
reference_url https://www.openssl.org/news/secadv/20220503.txt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:35Z/
url https://www.openssl.org/news/secadv/20220503.txt
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2081494
reference_id 2081494
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2081494
9
reference_url https://security.archlinux.org/AVG-2702
reference_id AVG-2702
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2702
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-1292
reference_id CVE-2022-1292
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-1292
11
reference_url https://www.debian.org/security/2022/dsa-5139
reference_id dsa-5139
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:35Z/
url https://www.debian.org/security/2022/dsa-5139
12
reference_url https://security.gentoo.org/glsa/202210-02
reference_id GLSA-202210-02
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:35Z/
url https://security.gentoo.org/glsa/202210-02
13
reference_url https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html
reference_id msg00019.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:35Z/
url https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html
14
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2
reference_id ?p=openssl.git%3Ba=commitdiff%3Bh=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:35Z/
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2
15
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=548d3f280a6e737673f5b61fce24bb100108dfeb
reference_id ?p=openssl.git%3Ba=commitdiff%3Bh=548d3f280a6e737673f5b61fce24bb100108dfeb
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:35Z/
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=548d3f280a6e737673f5b61fce24bb100108dfeb
16
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23
reference_id ?p=openssl.git%3Ba=commitdiff%3Bh=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:35Z/
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23
17
reference_url https://access.redhat.com/errata/RHSA-2022:5818
reference_id RHSA-2022:5818
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5818
18
reference_url https://access.redhat.com/errata/RHSA-2022:6224
reference_id RHSA-2022:6224
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6224
19
reference_url https://access.redhat.com/errata/RHSA-2022:8840
reference_id RHSA-2022:8840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8840
20
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
21
reference_url https://access.redhat.com/errata/RHSA-2022:8913
reference_id RHSA-2022:8913
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8913
22
reference_url https://access.redhat.com/errata/RHSA-2022:8917
reference_id RHSA-2022:8917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8917
23
reference_url https://access.redhat.com/errata/RHSA-2023:5931
reference_id RHSA-2023:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5931
24
reference_url https://access.redhat.com/errata/RHSA-2023:5979
reference_id RHSA-2023:5979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5979
25
reference_url https://access.redhat.com/errata/RHSA-2023:5980
reference_id RHSA-2023:5980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5980
26
reference_url https://access.redhat.com/errata/RHSA-2023:5982
reference_id RHSA-2023:5982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5982
27
reference_url https://access.redhat.com/errata/RHSA-2023:6818
reference_id RHSA-2023:6818
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6818
28
reference_url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011
reference_id SNWLID-2022-0011
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:35Z/
url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011
29
reference_url https://usn.ubuntu.com/5402-1/
reference_id USN-5402-1
reference_type
scores
url https://usn.ubuntu.com/5402-1/
30
reference_url https://usn.ubuntu.com/5402-2/
reference_id USN-5402-2
reference_type
scores
url https://usn.ubuntu.com/5402-2/
31
reference_url https://usn.ubuntu.com/6457-1/
reference_id USN-6457-1
reference_type
scores
url https://usn.ubuntu.com/6457-1/
32
reference_url https://usn.ubuntu.com/7018-1/
reference_id USN-7018-1
reference_type
scores
url https://usn.ubuntu.com/7018-1/
33
reference_url https://usn.ubuntu.com/7060-1/
reference_id USN-7060-1
reference_type
scores
url https://usn.ubuntu.com/7060-1/
34
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/
reference_id VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:35Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/
35
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/
reference_id ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:35Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/
fixed_packages
0
url pkg:apk/alpine/openssl@0?arch=s390x&distroversion=v3.20&reponame=main
purl pkg:apk/alpine/openssl@0?arch=s390x&distroversion=v3.20&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@0%3Farch=s390x&distroversion=v3.20&reponame=main
aliases CVE-2022-1292
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q2ae-5r8q-3fbv
4
url VCID-t4t8-753w-zqc5
vulnerability_id VCID-t4t8-753w-zqc5
summary 
POLY1305 MAC implementation corrupts XMM registers on Windows
Issue summary: The POLY1305 MAC (message authentication code) implementation
contains a bug that might corrupt the internal state of applications on the
Windows 64 platform when running on newer X86_64 processors supporting the
AVX512-IFMA instructions.

Impact summary: If in an application that uses the OpenSSL library an attacker
can influence whether the POLY1305 MAC algorithm is used, the application
state might be corrupted with various application dependent consequences.

The POLY1305 MAC (message authentication code) implementation in OpenSSL does
not save the contents of non-volatile XMM registers on Windows 64 platform
when calculating the MAC of data larger than 64 bytes. Before returning to
the caller all the XMM registers are set to zero rather than restoring their
previous content. The vulnerable code is used only on newer x86_64 processors
supporting the AVX512-IFMA instructions.

The consequences of this kind of internal application state corruption can
be various - from no consequences, if the calling application does not
depend on the contents of non-volatile XMM registers at all, to the worst
consequences, where the attacker could get complete control of the application
process. However given the contents of the registers are just zeroized so
the attacker cannot put arbitrary values inside, the most likely consequence,
if any, would be an incorrect result of some application dependent
calculations or a crash leading to a denial of service.

The POLY1305 MAC algorithm is most frequently used as part of the
CHACHA20-POLY1305 AEAD (authenticated encryption with associated data)
algorithm. The most common usage of this AEAD cipher is with TLS protocol
versions 1.2 and 1.3 and a malicious client can influence whether this AEAD
cipher is used by the server. This implies that server applications using
OpenSSL can be potentially impacted. However we are currently not aware of
any concrete application that would be affected by this issue therefore we
consider this a Low severity security issue.

As a workaround the AVX512-IFMA instructions support can be disabled at
runtime by setting the environment variable OPENSSL_ia32cap:

  OPENSSL_ia32cap=:~0x200000

The FIPS provider is not affected by this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4807.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4807.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-4807
reference_id
reference_type
scores
0
value 0.0082
scoring_system epss
scoring_elements 0.74337
published_at 2026-04-02T12:55:00Z
1
value 0.0082
scoring_system epss
scoring_elements 0.74379
published_at 2026-04-13T12:55:00Z
2
value 0.0082
scoring_system epss
scoring_elements 0.74364
published_at 2026-04-04T12:55:00Z
3
value 0.0082
scoring_system epss
scoring_elements 0.74338
published_at 2026-04-07T12:55:00Z
4
value 0.0082
scoring_system epss
scoring_elements 0.74371
published_at 2026-04-08T12:55:00Z
5
value 0.0082
scoring_system epss
scoring_elements 0.74386
published_at 2026-04-09T12:55:00Z
6
value 0.0082
scoring_system epss
scoring_elements 0.74407
published_at 2026-04-11T12:55:00Z
7
value 0.0082
scoring_system epss
scoring_elements 0.74387
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-4807
2
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4bfac4471f53c4f74c8d81020beb938f92d84ca5
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4bfac4471f53c4f74c8d81020beb938f92d84ca5
3
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6754de4a121ec7f261b16723180df6592cbb4508
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6754de4a121ec7f261b16723180df6592cbb4508
4
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a632d534c73eeb3e3db8c7540d811194ef7c79ff
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a632d534c73eeb3e3db8c7540d811194ef7c79ff
5
reference_url https://security.netapp.com/advisory/ntap-20230921-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20230921-0001/
6
reference_url https://www.openssl.org/news/secadv/20230908.txt
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/
url https://www.openssl.org/news/secadv/20230908.txt
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2238009
reference_id 2238009
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2238009
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-4807
reference_id CVE-2023-4807
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-4807
fixed_packages
0
url pkg:apk/alpine/openssl@0?arch=s390x&distroversion=v3.20&reponame=main
purl pkg:apk/alpine/openssl@0?arch=s390x&distroversion=v3.20&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@0%3Farch=s390x&distroversion=v3.20&reponame=main
aliases CVE-2023-4807
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t4t8-753w-zqc5
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@0%3Farch=s390x&distroversion=v3.20&reponame=main