Package Instance

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2021/03/27/1

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2021/03/27/1

reference_url

http://www.openwall.com/lists/oss-security/2021/03/27/2

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2021/03/27/2

reference_url

http://www.openwall.com/lists/oss-security/2021/03/28/3

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2021/03/28/3

reference_url

http://www.openwall.com/lists/oss-security/2021/03/28/4

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2021/03/28/4

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1941554
reference_id	1941554
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1941554

reference_url	https://security.archlinux.org/ASA-202103-10
reference_id	ASA-202103-10
reference_type
scores
url	https://security.archlinux.org/ASA-202103-10

reference_url

https://security.archlinux.org/AVG-1736

reference_id

AVG-1736

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1736

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-3449

reference_id

CVE-2021-3449

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-3449

reference_url	https://access.redhat.com/errata/RHSA-2021:1024
reference_id	RHSA-2021:1024
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1024

reference_url	https://access.redhat.com/errata/RHSA-2021:1063
reference_id	RHSA-2021:1063
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1063

reference_url	https://access.redhat.com/errata/RHSA-2021:1131
reference_id	RHSA-2021:1131
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1131

reference_url	https://access.redhat.com/errata/RHSA-2021:1189
reference_id	RHSA-2021:1189
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1189

reference_url	https://access.redhat.com/errata/RHSA-2021:1195
reference_id	RHSA-2021:1195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1195

reference_url	https://access.redhat.com/errata/RHSA-2021:1196
reference_id	RHSA-2021:1196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1196

reference_url	https://access.redhat.com/errata/RHSA-2021:1199
reference_id	RHSA-2021:1199
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1199

reference_url	https://access.redhat.com/errata/RHSA-2021:1200
reference_id	RHSA-2021:1200
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1200

reference_url	https://access.redhat.com/errata/RHSA-2021:1202
reference_id	RHSA-2021:1202
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1202

reference_url	https://access.redhat.com/errata/RHSA-2021:1203
reference_id	RHSA-2021:1203
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1203

fixed_packages

url	pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3
purl	pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3

aliases CVE-2021-3449, GHSA-83mx-573x-5rw9

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-249a-9kqa-p7an

url VCID-3pke-7yer-87hz

vulnerability_id VCID-3pke-7yer-87hz

summary arbitrary command execution

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2068.json

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2068.json

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2097310
reference_id	2097310
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2097310

reference_url

https://security.archlinux.org/AVG-2765

reference_id

AVG-2765

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2765

reference_url	https://access.redhat.com/errata/RHSA-2022:5818
reference_id	RHSA-2022:5818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5818

reference_url	https://access.redhat.com/errata/RHSA-2022:6224
reference_id	RHSA-2022:6224
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6224

reference_url	https://access.redhat.com/errata/RHSA-2022:8840
reference_id	RHSA-2022:8840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8840

reference_url	https://access.redhat.com/errata/RHSA-2022:8841
reference_id	RHSA-2022:8841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8841

reference_url	https://access.redhat.com/errata/RHSA-2022:8913
reference_id	RHSA-2022:8913
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8913

reference_url	https://access.redhat.com/errata/RHSA-2022:8917
reference_id	RHSA-2022:8917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8917

reference_url	https://access.redhat.com/errata/RHSA-2023:5931
reference_id	RHSA-2023:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5931

reference_url	https://access.redhat.com/errata/RHSA-2023:5979
reference_id	RHSA-2023:5979
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5979

reference_url	https://access.redhat.com/errata/RHSA-2023:5980
reference_id	RHSA-2023:5980
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5980

reference_url	https://access.redhat.com/errata/RHSA-2023:5982
reference_id	RHSA-2023:5982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5982

reference_url	https://access.redhat.com/errata/RHSA-2023:6818
reference_id	RHSA-2023:6818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6818

fixed_packages

url	pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3
purl	pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3

aliases CVE-2022-2068

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3pke-7yer-87hz

url VCID-4197-62g5-8ka3

vulnerability_id VCID-4197-62g5-8ka3

summary multiple issues

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306

reference_url	https://security.archlinux.org/ASA-201609-23
reference_id	ASA-201609-23
reference_type
scores
url	https://security.archlinux.org/ASA-201609-23

reference_url	https://security.archlinux.org/ASA-201609-24
reference_id	ASA-201609-24
reference_type
scores
url	https://security.archlinux.org/ASA-201609-24

reference_url

reference_id

AVG-29

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-30

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

fixed_packages

url pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

purl pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4197-62g5-8ka3

vulnerability	VCID-448b-h78v-wfes

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-4wy2-zsz2-a3ew

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-d1w5-8ktx-cubx

vulnerability	VCID-dspw-qctj-jufk

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-fgmh-6g91-9qgv

vulnerability	VCID-g1bm-2aj1-kff9

vulnerability	VCID-k4k5-uhxu-gyc1

vulnerability	VCID-m4ms-vh59-ufbd

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-rynq-d6tu-2ygg

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8

url pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

purl pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1

aliases CVE-2016-2181

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4197-62g5-8ka3

url VCID-448b-h78v-wfes

vulnerability_id VCID-448b-h78v-wfes

summary multiple issues

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306

reference_url	https://security.archlinux.org/ASA-201609-23
reference_id	ASA-201609-23
reference_type
scores
url	https://security.archlinux.org/ASA-201609-23

reference_url	https://security.archlinux.org/ASA-201609-24
reference_id	ASA-201609-24
reference_type
scores
url	https://security.archlinux.org/ASA-201609-24

reference_url

reference_id

AVG-29

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-30

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

fixed_packages

url pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

purl pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4197-62g5-8ka3

vulnerability	VCID-448b-h78v-wfes

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-4wy2-zsz2-a3ew

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-d1w5-8ktx-cubx

vulnerability	VCID-dspw-qctj-jufk

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-fgmh-6g91-9qgv

vulnerability	VCID-g1bm-2aj1-kff9

vulnerability	VCID-k4k5-uhxu-gyc1

vulnerability	VCID-m4ms-vh59-ufbd

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-rynq-d6tu-2ygg

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8

url pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

purl pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1

aliases CVE-2016-2177

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-448b-h78v-wfes

url VCID-4pe4-89ss-57am

vulnerability_id VCID-4pe4-89ss-57am

summary denial of service

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7054
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7054

reference_url

reference_id

AVG-143

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-144

reference_url

reference_id

AVG-144

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-144

fixed_packages

url pkg:deb/debian/openssl@1.1.0l-1~deb9u1

purl pkg:deb/debian/openssl@1.1.0l-1~deb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0l-1~deb9u1

aliases CVE-2016-7054

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4pe4-89ss-57am

url VCID-4wy2-zsz2-a3ew

vulnerability_id VCID-4wy2-zsz2-a3ew

summary multiple issues

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306

reference_url	https://security.archlinux.org/ASA-201609-23
reference_id	ASA-201609-23
reference_type
scores
url	https://security.archlinux.org/ASA-201609-23

reference_url	https://security.archlinux.org/ASA-201609-24
reference_id	ASA-201609-24
reference_type
scores
url	https://security.archlinux.org/ASA-201609-24

reference_url

reference_id

AVG-29

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-30

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-70

fixed_packages

url pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

purl pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4197-62g5-8ka3

vulnerability	VCID-448b-h78v-wfes

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-4wy2-zsz2-a3ew

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-d1w5-8ktx-cubx

vulnerability	VCID-dspw-qctj-jufk

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-fgmh-6g91-9qgv

vulnerability	VCID-g1bm-2aj1-kff9

vulnerability	VCID-k4k5-uhxu-gyc1

vulnerability	VCID-m4ms-vh59-ufbd

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-rynq-d6tu-2ygg

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8

url pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

purl pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1

aliases CVE-2016-6304

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4wy2-zsz2-a3ew

url VCID-7gkv-pu79-43hx

vulnerability_id VCID-7gkv-pu79-43hx

summary

Security researcher Matthew Green reported a Diffie–Hellman
(DHE) key processing issue in Network Security Services (NSS) where a
man-in-the-middle (MITM) attacker can force a server to downgrade TLS
connections to 512-bit export-grade cryptography by modifying client
requests to include only export-grade cipher suites. The resulting
weak key can then be leveraged to impersonate the server. This attack
is detailed in the "Imperfect Forward
Secrecy: How Diffie-Hellman Fails in Practice" paper and is known as the
"Logjam Attack."This issue was fixed in NSS version 3.19.1 by limiting the lower strength of
supported DHE keys to use 1023 bit primes.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
reference_id	CVE-2015-4000
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

reference_url

reference_id

mfsa2015-70

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-70

fixed_packages

url pkg:deb/debian/openssl@1.0.1e-2%2Bdeb7u20

purl pkg:deb/debian/openssl@1.0.1e-2%2Bdeb7u20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4197-62g5-8ka3

vulnerability	VCID-448b-h78v-wfes

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-4wy2-zsz2-a3ew

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-81zk-xrsj-cufe

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-d1w5-8ktx-cubx

vulnerability	VCID-dspw-qctj-jufk

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-fgmh-6g91-9qgv

vulnerability	VCID-g1bm-2aj1-kff9

vulnerability	VCID-k4k5-uhxu-gyc1

vulnerability	VCID-m4ms-vh59-ufbd

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-rynq-d6tu-2ygg

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1e-2%252Bdeb7u20

url pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

purl pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4197-62g5-8ka3

vulnerability	VCID-448b-h78v-wfes

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-4wy2-zsz2-a3ew

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-d1w5-8ktx-cubx

vulnerability	VCID-dspw-qctj-jufk

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-fgmh-6g91-9qgv

vulnerability	VCID-g1bm-2aj1-kff9

vulnerability	VCID-k4k5-uhxu-gyc1

vulnerability	VCID-m4ms-vh59-ufbd

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-rynq-d6tu-2ygg

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8

url pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

purl pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1

aliases CVE-2015-4000

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7gkv-pu79-43hx

url VCID-81zk-xrsj-cufe

vulnerability_id VCID-81zk-xrsj-cufe

summary

Security researcher Karthikeyan Bhargavan reported an issue
in Network Security Services (NSS) where MD5 signatures in the server signature within the
TLS 1.2 ServerKeyExchange message are still accepted. This is an issue since NSS has
officially disallowed the accepting MD5 as a hash algorithm in signatures since 2011. This
issues exposes NSS based clients such as Firefox to theoretical collision-based forgery
attacks. This issue was fixed in NSS version 3.20.2.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id	CVE-2015-7575
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-150

reference_id

mfsa2015-150

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-150

fixed_packages

url pkg:deb/debian/openssl@1.0.1e-2%2Bdeb7u20

purl pkg:deb/debian/openssl@1.0.1e-2%2Bdeb7u20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4197-62g5-8ka3

vulnerability	VCID-448b-h78v-wfes

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-4wy2-zsz2-a3ew

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-81zk-xrsj-cufe

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-d1w5-8ktx-cubx

vulnerability	VCID-dspw-qctj-jufk

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-fgmh-6g91-9qgv

vulnerability	VCID-g1bm-2aj1-kff9

vulnerability	VCID-k4k5-uhxu-gyc1

vulnerability	VCID-m4ms-vh59-ufbd

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-rynq-d6tu-2ygg

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1e-2%252Bdeb7u20

url pkg:deb/debian/openssl@1.0.1k-3

purl pkg:deb/debian/openssl@1.0.1k-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4197-62g5-8ka3

vulnerability	VCID-448b-h78v-wfes

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-4wy2-zsz2-a3ew

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-d1w5-8ktx-cubx

vulnerability	VCID-dspw-qctj-jufk

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-fgmh-6g91-9qgv

vulnerability	VCID-g1bm-2aj1-kff9

vulnerability	VCID-k4k5-uhxu-gyc1

vulnerability	VCID-m4ms-vh59-ufbd

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-rynq-d6tu-2ygg

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1k-3

aliases CVE-2015-7575

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-81zk-xrsj-cufe

url VCID-8fae-zjwu-47gz

vulnerability_id VCID-8fae-zjwu-47gz

summary denial of service

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00004.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00004.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00011.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00011.html

reference_url

http://packetstormsecurity.com/files/157527/OpenSSL-signature_algorithms_cert-Denial-Of-Service.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://packetstormsecurity.com/files/157527/OpenSSL-signature_algorithms_cert-Denial-Of-Service.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1967.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1967.json

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967

reference_url

http://seclists.org/fulldisclosure/2020/May/5

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2020/May/5

reference_url

https://github.com/irsl/CVE-2020-1967

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/irsl/CVE-2020-1967

reference_url

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=eb563247aef3e83dda7679c43f9649270462e5b1

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=eb563247aef3e83dda7679c43f9649270462e5b1

reference_url

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44440

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44440

reference_url

https://lists.apache.org/thread.html/r66ea9c436da150683432db5fbc8beb8ae01886c6459ac30c2cea7345@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r66ea9c436da150683432db5fbc8beb8ae01886c6459ac30c2cea7345@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r94d6ac3f010a38fccf4f432b12180a13fa1cf303559bd805648c9064@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r94d6ac3f010a38fccf4f432b12180a13fa1cf303559bd805648c9064@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9a41e304992ce6aec6585a87842b4f2e692604f5c892c37e3b0587ee@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9a41e304992ce6aec6585a87842b4f2e692604f5c892c37e3b0587ee@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO

reference_url

https://rustsec.org/advisories/RUSTSEC-2020-0015.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://rustsec.org/advisories/RUSTSEC-2020-0015.html

reference_url

https://security.FreeBSD.org/advisories/FreeBSD-SA-20:11.openssl.asc

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.FreeBSD.org/advisories/FreeBSD-SA-20:11.openssl.asc

reference_url

https://security.gentoo.org/glsa/202004-10

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/202004-10

reference_url

https://security.netapp.com/advisory/ntap-20200424-0003

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200424-0003

reference_url

https://security.netapp.com/advisory/ntap-20200717-0004

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200717-0004

reference_url

https://www.debian.org/security/2020/dsa-4661

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2020/dsa-4661

reference_url

https://www.openssl.org/news/secadv/20200421.txt

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.openssl.org/news/secadv/20200421.txt

reference_url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url

https://www.synology.com/security/advisory/Synology_SA_20_05

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.synology.com/security/advisory/Synology_SA_20_05

reference_url

https://www.synology.com/security/advisory/Synology_SA_20_05_OpenSSL

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.synology.com/security/advisory/Synology_SA_20_05_OpenSSL

reference_url

https://www.tenable.com/security/tns-2020-03

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.tenable.com/security/tns-2020-03

reference_url

https://www.tenable.com/security/tns-2020-04

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.tenable.com/security/tns-2020-04

reference_url

https://www.tenable.com/security/tns-2020-11

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.tenable.com/security/tns-2020-11

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2020/04/22/2

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2020/04/22/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1823670
reference_id	1823670
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1823670

reference_url	https://security.archlinux.org/ASA-202004-18
reference_id	ASA-202004-18
reference_type
scores
url	https://security.archlinux.org/ASA-202004-18

reference_url	https://security.archlinux.org/ASA-202004-19
reference_id	ASA-202004-19
reference_type
scores
url	https://security.archlinux.org/ASA-202004-19

reference_url

https://security.archlinux.org/AVG-1139

reference_id

AVG-1139

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1139

reference_url

https://security.archlinux.org/AVG-1142

reference_id

AVG-1142

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1142

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-1967

reference_id

CVE-2020-1967

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-1967

fixed_packages

url	pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3
purl	pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3

aliases CVE-2020-1967, GHSA-jq65-29v4-4x35

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8fae-zjwu-47gz

url VCID-atus-ryef-17h1

vulnerability_id VCID-atus-ryef-17h1

summary

Mozilla developers added support in the Network Security Services
module for preventing a type of man-in-the-middle attack against TLS
using forced renegotiation.Note that to benefit from the fix, Firefox 3.6 and
Firefox 3.5 users will need to set
their security.ssl.require_safe_negotiation preference to
true.  Firefox 3 does not contain the fix for this issue.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566

reference_url	https://nginx.org/download/patch.cve-2009-3555.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.cve-2009-3555.txt

reference_url	https://nginx.org/download/patch.cve-2009-3555.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.cve-2009-3555.txt.asc

reference_url	https://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
url	https://tomcat.apache.org/security-7.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765649
reference_id	765649
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765649

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
reference_id	CVE-2009-3555
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2009-3555
reference_id	CVE-2009-3555
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2009-3555

reference_url	https://github.com/advisories/GHSA-f7w7-6pjc-wwm6
reference_id	GHSA-f7w7-6pjc-wwm6
reference_type
scores
url	https://github.com/advisories/GHSA-f7w7-6pjc-wwm6

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2010-22

reference_id

mfsa2010-22

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2010-22

fixed_packages

url pkg:deb/debian/openssl@0.9.8o-4squeeze14

purl pkg:deb/debian/openssl@0.9.8o-4squeeze14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4197-62g5-8ka3

vulnerability	VCID-448b-h78v-wfes

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-4wy2-zsz2-a3ew

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-81zk-xrsj-cufe

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-d1w5-8ktx-cubx

vulnerability	VCID-dspw-qctj-jufk

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-fgmh-6g91-9qgv

vulnerability	VCID-g1bm-2aj1-kff9

vulnerability	VCID-k4k5-uhxu-gyc1

vulnerability	VCID-m4ms-vh59-ufbd

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-rynq-d6tu-2ygg

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8o-4squeeze14

aliases CVE-2009-3555, GHSA-f7w7-6pjc-wwm6, VU#120541

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-atus-ryef-17h1

url VCID-d1w5-8ktx-cubx

vulnerability_id VCID-d1w5-8ktx-cubx

summary multiple issues

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306

reference_url	https://security.archlinux.org/ASA-201609-23
reference_id	ASA-201609-23
reference_type
scores
url	https://security.archlinux.org/ASA-201609-23

reference_url	https://security.archlinux.org/ASA-201609-24
reference_id	ASA-201609-24
reference_type
scores
url	https://security.archlinux.org/ASA-201609-24

reference_url

reference_id

AVG-29

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-30

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

fixed_packages

url pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

purl pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4197-62g5-8ka3

vulnerability	VCID-448b-h78v-wfes

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-4wy2-zsz2-a3ew

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-d1w5-8ktx-cubx

vulnerability	VCID-dspw-qctj-jufk

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-fgmh-6g91-9qgv

vulnerability	VCID-g1bm-2aj1-kff9

vulnerability	VCID-k4k5-uhxu-gyc1

vulnerability	VCID-m4ms-vh59-ufbd

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-rynq-d6tu-2ygg

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8

url pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

purl pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1

aliases CVE-2016-2180

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d1w5-8ktx-cubx

url VCID-dspw-qctj-jufk

vulnerability_id VCID-dspw-qctj-jufk

summary multiple issues

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306

reference_url	https://security.archlinux.org/ASA-201609-23
reference_id	ASA-201609-23
reference_type
scores
url	https://security.archlinux.org/ASA-201609-23

reference_url	https://security.archlinux.org/ASA-201609-24
reference_id	ASA-201609-24
reference_type
scores
url	https://security.archlinux.org/ASA-201609-24

reference_url

reference_id

AVG-29

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-30

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

fixed_packages

url pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

purl pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4197-62g5-8ka3

vulnerability	VCID-448b-h78v-wfes

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-4wy2-zsz2-a3ew

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-d1w5-8ktx-cubx

vulnerability	VCID-dspw-qctj-jufk

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-fgmh-6g91-9qgv

vulnerability	VCID-g1bm-2aj1-kff9

vulnerability	VCID-k4k5-uhxu-gyc1

vulnerability	VCID-m4ms-vh59-ufbd

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-rynq-d6tu-2ygg

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8

url pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

purl pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1

aliases CVE-2016-2182

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dspw-qctj-jufk

url VCID-e6jy-vxau-jfba

vulnerability_id VCID-e6jy-vxau-jfba

summary denial of service

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7053
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7053

reference_url

reference_id

AVG-143

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1292.json

fixed_packages

url pkg:deb/debian/openssl@1.1.0l-1~deb9u1

purl pkg:deb/debian/openssl@1.1.0l-1~deb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0l-1~deb9u1

aliases CVE-2016-7053

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e6jy-vxau-jfba

url VCID-erdm-7pfg-e7hc

vulnerability_id VCID-erdm-7pfg-e7hc

summary

references

reference_url

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1292.json

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292

reference_url	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2
reference_id
reference_type
scores
url	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2

reference_url	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb
reference_id
reference_type
scores
url	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb

reference_url	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23
reference_id
reference_type
scores
url	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23

reference_url	https://www.openssl.org/news/secadv/20220503.txt
reference_id
reference_type
scores
url	https://www.openssl.org/news/secadv/20220503.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2081494
reference_id	2081494
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2081494

reference_url

https://security.archlinux.org/AVG-2702

reference_id

AVG-2702

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2702

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2022-1292
reference_id	CVE-2022-1292
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2022-1292

reference_url	https://access.redhat.com/errata/RHSA-2022:5818
reference_id	RHSA-2022:5818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5818

reference_url	https://access.redhat.com/errata/RHSA-2022:6224
reference_id	RHSA-2022:6224
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6224

reference_url	https://access.redhat.com/errata/RHSA-2022:8840
reference_id	RHSA-2022:8840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8840

reference_url	https://access.redhat.com/errata/RHSA-2022:8841
reference_id	RHSA-2022:8841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8841

reference_url	https://access.redhat.com/errata/RHSA-2022:8913
reference_id	RHSA-2022:8913
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8913

reference_url	https://access.redhat.com/errata/RHSA-2022:8917
reference_id	RHSA-2022:8917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8917

reference_url	https://access.redhat.com/errata/RHSA-2023:5931
reference_id	RHSA-2023:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5931

reference_url	https://access.redhat.com/errata/RHSA-2023:5979
reference_id	RHSA-2023:5979
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5979

reference_url	https://access.redhat.com/errata/RHSA-2023:5980
reference_id	RHSA-2023:5980
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5980

reference_url	https://access.redhat.com/errata/RHSA-2023:5982
reference_id	RHSA-2023:5982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5982

reference_url	https://access.redhat.com/errata/RHSA-2023:6818
reference_id	RHSA-2023:6818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6818

fixed_packages

url	pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3
purl	pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3

aliases CVE-2022-1292

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-erdm-7pfg-e7hc

url VCID-fb66-4fr3-xye7

vulnerability_id VCID-fb66-4fr3-xye7

summary denial of service

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1971.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1971.json

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971

reference_url	https://www.openssl.org/news/secadv/20201208.txt
reference_id
reference_type
scores
url	https://www.openssl.org/news/secadv/20201208.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1903409
reference_id	1903409
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1903409

reference_url	https://security.archlinux.org/ASA-202012-24
reference_id	ASA-202012-24
reference_type
scores
url	https://security.archlinux.org/ASA-202012-24

reference_url

https://security.archlinux.org/AVG-1335

reference_id

AVG-1335

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1335

reference_url

https://security.archlinux.org/AVG-1404

reference_id

AVG-1404

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1404

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-1971
reference_id	CVE-2020-1971
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-1971

reference_url	https://access.redhat.com/errata/RHSA-2020:5422
reference_id	RHSA-2020:5422
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5422

reference_url	https://access.redhat.com/errata/RHSA-2020:5476
reference_id	RHSA-2020:5476
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5476

reference_url	https://access.redhat.com/errata/RHSA-2020:5566
reference_id	RHSA-2020:5566
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5566

reference_url	https://access.redhat.com/errata/RHSA-2020:5588
reference_id	RHSA-2020:5588
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5588

reference_url	https://access.redhat.com/errata/RHSA-2020:5623
reference_id	RHSA-2020:5623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5623

reference_url	https://access.redhat.com/errata/RHSA-2020:5637
reference_id	RHSA-2020:5637
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5637

reference_url	https://access.redhat.com/errata/RHSA-2020:5639
reference_id	RHSA-2020:5639
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5639

reference_url	https://access.redhat.com/errata/RHSA-2020:5640
reference_id	RHSA-2020:5640
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5640

reference_url	https://access.redhat.com/errata/RHSA-2020:5641
reference_id	RHSA-2020:5641
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5641

reference_url	https://access.redhat.com/errata/RHSA-2020:5642
reference_id	RHSA-2020:5642
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5642

reference_url	https://access.redhat.com/errata/RHSA-2021:0056
reference_id	RHSA-2021:0056
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0056

reference_url	https://access.redhat.com/errata/RHSA-2021:0486
reference_id	RHSA-2021:0486
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0486

reference_url	https://access.redhat.com/errata/RHSA-2021:0488
reference_id	RHSA-2021:0488
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0488

reference_url	https://access.redhat.com/errata/RHSA-2021:0489
reference_id	RHSA-2021:0489
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0489

reference_url	https://access.redhat.com/errata/RHSA-2021:0491
reference_id	RHSA-2021:0491
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0491

reference_url	https://access.redhat.com/errata/RHSA-2021:0494
reference_id	RHSA-2021:0494
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0494

reference_url	https://access.redhat.com/errata/RHSA-2021:0495
reference_id	RHSA-2021:0495
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0495

reference_url	https://access.redhat.com/errata/RHSA-2021:0949
reference_id	RHSA-2021:0949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0949

fixed_packages

url	pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3
purl	pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3

aliases CVE-2020-1971

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fb66-4fr3-xye7

url VCID-fgmh-6g91-9qgv

vulnerability_id VCID-fgmh-6g91-9qgv

summary multiple issues

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306

reference_url	https://security.archlinux.org/ASA-201609-23
reference_id	ASA-201609-23
reference_type
scores
url	https://security.archlinux.org/ASA-201609-23

reference_url	https://security.archlinux.org/ASA-201609-24
reference_id	ASA-201609-24
reference_type
scores
url	https://security.archlinux.org/ASA-201609-24

reference_url

reference_id

AVG-29

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-30

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

fixed_packages

url pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

purl pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4197-62g5-8ka3

vulnerability	VCID-448b-h78v-wfes

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-4wy2-zsz2-a3ew

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-d1w5-8ktx-cubx

vulnerability	VCID-dspw-qctj-jufk

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-fgmh-6g91-9qgv

vulnerability	VCID-g1bm-2aj1-kff9

vulnerability	VCID-k4k5-uhxu-gyc1

vulnerability	VCID-m4ms-vh59-ufbd

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-rynq-d6tu-2ygg

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8

url pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

purl pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1

aliases CVE-2016-6302

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fgmh-6g91-9qgv

url VCID-g1bm-2aj1-kff9

vulnerability_id VCID-g1bm-2aj1-kff9

summary multiple issues

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306

reference_url	https://security.archlinux.org/ASA-201609-23
reference_id	ASA-201609-23
reference_type
scores
url	https://security.archlinux.org/ASA-201609-23

reference_url	https://security.archlinux.org/ASA-201609-24
reference_id	ASA-201609-24
reference_type
scores
url	https://security.archlinux.org/ASA-201609-24

reference_url

reference_id

AVG-29

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-30

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

fixed_packages

url pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

purl pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4197-62g5-8ka3

vulnerability	VCID-448b-h78v-wfes

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-4wy2-zsz2-a3ew

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-d1w5-8ktx-cubx

vulnerability	VCID-dspw-qctj-jufk

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-fgmh-6g91-9qgv

vulnerability	VCID-g1bm-2aj1-kff9

vulnerability	VCID-k4k5-uhxu-gyc1

vulnerability	VCID-m4ms-vh59-ufbd

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-rynq-d6tu-2ygg

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8

url pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

purl pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1

aliases CVE-2016-6303

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g1bm-2aj1-kff9

url VCID-k4k5-uhxu-gyc1

vulnerability_id VCID-k4k5-uhxu-gyc1

summary multiple issues

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306

reference_url	https://security.archlinux.org/ASA-201609-23
reference_id	ASA-201609-23
reference_type
scores
url	https://security.archlinux.org/ASA-201609-23

reference_url	https://security.archlinux.org/ASA-201609-24
reference_id	ASA-201609-24
reference_type
scores
url	https://security.archlinux.org/ASA-201609-24

reference_url

reference_id

AVG-29

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-30

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

fixed_packages

url pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

purl pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4197-62g5-8ka3

vulnerability	VCID-448b-h78v-wfes

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-4wy2-zsz2-a3ew

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-d1w5-8ktx-cubx

vulnerability	VCID-dspw-qctj-jufk

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-fgmh-6g91-9qgv

vulnerability	VCID-g1bm-2aj1-kff9

vulnerability	VCID-k4k5-uhxu-gyc1

vulnerability	VCID-m4ms-vh59-ufbd

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-rynq-d6tu-2ygg

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8

url pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

purl pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1

aliases CVE-2016-2179

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k4k5-uhxu-gyc1

url VCID-m4ms-vh59-ufbd

vulnerability_id VCID-m4ms-vh59-ufbd

summary multiple issues

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306

reference_url	https://security.archlinux.org/ASA-201609-23
reference_id	ASA-201609-23
reference_type
scores
url	https://security.archlinux.org/ASA-201609-23

reference_url	https://security.archlinux.org/ASA-201609-24
reference_id	ASA-201609-24
reference_type
scores
url	https://security.archlinux.org/ASA-201609-24

reference_url

reference_id

AVG-29

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-30

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3711.json

fixed_packages

url pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

purl pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4197-62g5-8ka3

vulnerability	VCID-448b-h78v-wfes

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-4wy2-zsz2-a3ew

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-d1w5-8ktx-cubx

vulnerability	VCID-dspw-qctj-jufk

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-fgmh-6g91-9qgv

vulnerability	VCID-g1bm-2aj1-kff9

vulnerability	VCID-k4k5-uhxu-gyc1

vulnerability	VCID-m4ms-vh59-ufbd

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-rynq-d6tu-2ygg

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8

url pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

purl pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1

aliases CVE-2016-6306

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m4ms-vh59-ufbd

url VCID-n1r2-zqmn-2ufh

vulnerability_id VCID-n1r2-zqmn-2ufh

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3711.json

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712

reference_url	https://www.openssl.org/news/secadv/20210824.txt
reference_id
reference_type
scores
url	https://www.openssl.org/news/secadv/20210824.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1995623
reference_id	1995623
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1995623

reference_url

reference_id

AVG-2315

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2316

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2006-60

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-3711
reference_id	CVE-2021-3711
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-3711

fixed_packages

url	pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3
purl	pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3

aliases CVE-2021-3711

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n1r2-zqmn-2ufh

url VCID-r6gj-vbqr-g7b7

vulnerability_id VCID-r6gj-vbqr-g7b7

summary

Philip Mackenzie and Marius Schilder of Google informed us of Daniel Bleichenbacher's
recent presentation of a common implementation error in RSA signature verification,
a failure to account for extra data in the signature. For signatures with a small
exponent such as 3 it is possible for an attacker to calculate a value for this extra data to make an altered message appear to be correctly signed, allowing the signature to be forged.
Mozilla's Network Security Services (NSS) library was vulnerable to this flaw.Because the set of root Certificate Authorities that ship with Mozilla clients
contain some with an exponent of 3 it was possible to make up certificates,
such as SSL/TLS and email certificates, that were not detected as invalid.
This raised the possibility of the sort of Man-in-the-Middle attacks
SSL/TLS was invented to prevent.We thank Philip Mackenzie and Marius Schilder for bringing
this result to our attention and working with us to ensure the NSS library was
safe from variations on this basic attack.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
reference_id	CVE-2006-4339
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339

reference_url

reference_id

mfsa2006-60

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2006-60

fixed_packages

url pkg:deb/debian/openssl@0.9.8c-4etch3%2Bm68k1

purl pkg:deb/debian/openssl@0.9.8c-4etch3%2Bm68k1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4197-62g5-8ka3

vulnerability	VCID-448b-h78v-wfes

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-4wy2-zsz2-a3ew

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-81zk-xrsj-cufe

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-atus-ryef-17h1

vulnerability	VCID-d1w5-8ktx-cubx

vulnerability	VCID-dspw-qctj-jufk

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-fgmh-6g91-9qgv

vulnerability	VCID-g1bm-2aj1-kff9

vulnerability	VCID-k4k5-uhxu-gyc1

vulnerability	VCID-m4ms-vh59-ufbd

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-rynq-d6tu-2ygg

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8c-4etch3%252Bm68k1

aliases CVE-2006-4339

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r6gj-vbqr-g7b7

url VCID-rynq-d6tu-2ygg

vulnerability_id VCID-rynq-d6tu-2ygg

summary multiple issues

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306

reference_url	https://security.archlinux.org/ASA-201609-23
reference_id	ASA-201609-23
reference_type
scores
url	https://security.archlinux.org/ASA-201609-23

reference_url	https://security.archlinux.org/ASA-201609-24
reference_id	ASA-201609-24
reference_type
scores
url	https://security.archlinux.org/ASA-201609-24

reference_url

reference_id

AVG-29

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-30

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json

fixed_packages

url pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

purl pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4197-62g5-8ka3

vulnerability	VCID-448b-h78v-wfes

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-4wy2-zsz2-a3ew

vulnerability	VCID-7gkv-pu79-43hx

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-d1w5-8ktx-cubx

vulnerability	VCID-dspw-qctj-jufk

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-fgmh-6g91-9qgv

vulnerability	VCID-g1bm-2aj1-kff9

vulnerability	VCID-k4k5-uhxu-gyc1

vulnerability	VCID-m4ms-vh59-ufbd

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-rynq-d6tu-2ygg

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8

url pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

purl pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-249a-9kqa-p7an

vulnerability	VCID-3pke-7yer-87hz

vulnerability	VCID-4pe4-89ss-57am

vulnerability	VCID-8fae-zjwu-47gz

vulnerability	VCID-e6jy-vxau-jfba

vulnerability	VCID-erdm-7pfg-e7hc

vulnerability	VCID-fb66-4fr3-xye7

vulnerability	VCID-n1r2-zqmn-2ufh

vulnerability	VCID-uw52-vah8-uqda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1

aliases CVE-2016-2178

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rynq-d6tu-2ygg

url VCID-uw52-vah8-uqda

vulnerability_id VCID-uw52-vah8-uqda

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json

reference_url	https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf
reference_id
reference_type
scores
url	https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf

reference_url	https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
reference_id
reference_type
scores
url	https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712

reference_url	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11
reference_id
reference_type
scores
url	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11

reference_url	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12
reference_id
reference_type
scores
url	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12

reference_url	https://kc.mcafee.com/corporate/index?page=content&id=SB10366
reference_id
reference_type
scores
url	https://kc.mcafee.com/corporate/index?page=content&id=SB10366

reference_url	https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E

reference_url	https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html

reference_url	https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html

reference_url	https://security.netapp.com/advisory/ntap-20210827-0010/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20210827-0010/

reference_url	https://www.debian.org/security/2021/dsa-4963
reference_id
reference_type
scores
url	https://www.debian.org/security/2021/dsa-4963

reference_url	https://www.openssl.org/news/secadv/20210824.txt
reference_id
reference_type
scores
url	https://www.openssl.org/news/secadv/20210824.txt

reference_url	https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujan2022.html

reference_url	https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url	https://www.tenable.com/security/tns-2021-16
reference_id
reference_type
scores
url	https://www.tenable.com/security/tns-2021-16

reference_url	https://www.tenable.com/security/tns-2022-02
reference_id
reference_type
scores
url	https://www.tenable.com/security/tns-2022-02

reference_url	http://www.openwall.com/lists/oss-security/2021/08/26/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2021/08/26/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1995634
reference_id	1995634
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1995634

reference_url

reference_id

AVG-2315

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2316

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url