Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/4069?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/4069?format=api", "purl": "pkg:deb/debian/openssl@0.9.8c-4etch3%2Bm68k1", "type": "deb", "namespace": "debian", "name": "openssl", "version": "0.9.8c-4etch3+m68k1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.1.1n-0+deb10u3", "latest_non_vulnerable_version": "1.1.1n-0+deb10u3", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5618?format=api", "vulnerability_id": "VCID-249a-9kqa-p7an", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449" }, { "reference_url": "https://security.archlinux.org/ASA-202103-10", "reference_id": "ASA-202103-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202103-10" }, { "reference_url": "https://security.archlinux.org/AVG-1736", "reference_id": "AVG-1736", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1736" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5335?format=api", "purl": "pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3" } ], "aliases": [ "CVE-2021-3449" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-249a-9kqa-p7an" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3322?format=api", "vulnerability_id": "VCID-3pke-7yer-87hz", "summary": "arbitrary command execution", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068" }, { "reference_url": "https://security.archlinux.org/AVG-2765", "reference_id": "AVG-2765", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2765" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5335?format=api", "purl": "pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3" } ], "aliases": [ "CVE-2022-2068" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3pke-7yer-87hz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6782?format=api", "vulnerability_id": "VCID-4197-62g5-8ka3", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4379?format=api", "purl": "pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4197-62g5-8ka3" }, { "vulnerability": "VCID-448b-h78v-wfes" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-d1w5-8ktx-cubx" }, { "vulnerability": "VCID-dspw-qctj-jufk" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-fgmh-6g91-9qgv" }, { "vulnerability": "VCID-g1bm-2aj1-kff9" }, { "vulnerability": "VCID-k4k5-uhxu-gyc1" }, { "vulnerability": "VCID-m4ms-vh59-ufbd" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-rynq-d6tu-2ygg" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/5333?format=api", "purl": "pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1" } ], "aliases": [ "CVE-2016-2181" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4197-62g5-8ka3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6786?format=api", "vulnerability_id": "VCID-448b-h78v-wfes", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4379?format=api", "purl": "pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4197-62g5-8ka3" }, { "vulnerability": "VCID-448b-h78v-wfes" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-d1w5-8ktx-cubx" }, { "vulnerability": "VCID-dspw-qctj-jufk" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-fgmh-6g91-9qgv" }, { "vulnerability": "VCID-g1bm-2aj1-kff9" }, { "vulnerability": "VCID-k4k5-uhxu-gyc1" }, { "vulnerability": "VCID-m4ms-vh59-ufbd" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-rynq-d6tu-2ygg" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/5333?format=api", "purl": "pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1" } ], "aliases": [ "CVE-2016-2177" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-448b-h78v-wfes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6654?format=api", "vulnerability_id": "VCID-4pe4-89ss-57am", "summary": "denial of service", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7054", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7054" }, { "reference_url": "https://security.archlinux.org/AVG-143", "reference_id": "AVG-143", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-143" }, { "reference_url": "https://security.archlinux.org/AVG-144", "reference_id": "AVG-144", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-144" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5334?format=api", "purl": "pkg:deb/debian/openssl@1.1.0l-1~deb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0l-1~deb9u1" } ], "aliases": [ "CVE-2016-7054" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4pe4-89ss-57am" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6777?format=api", "vulnerability_id": "VCID-4wy2-zsz2-a3ew", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4379?format=api", "purl": "pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4197-62g5-8ka3" }, { "vulnerability": "VCID-448b-h78v-wfes" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-d1w5-8ktx-cubx" }, { "vulnerability": "VCID-dspw-qctj-jufk" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-fgmh-6g91-9qgv" }, { "vulnerability": "VCID-g1bm-2aj1-kff9" }, { "vulnerability": "VCID-k4k5-uhxu-gyc1" }, { "vulnerability": "VCID-m4ms-vh59-ufbd" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-rynq-d6tu-2ygg" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/5333?format=api", "purl": "pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1" } ], "aliases": [ "CVE-2016-6304" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4wy2-zsz2-a3ew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2931?format=api", "vulnerability_id": "VCID-7gkv-pu79-43hx", "summary": "Security researcher Matthew Green reported a Diffie–Hellman\n(DHE) key processing issue in Network Security Services (NSS) where a\nman-in-the-middle (MITM) attacker can force a server to downgrade TLS\nconnections to 512-bit export-grade cryptography by modifying client\nrequests to include only export-grade cipher suites. The resulting\nweak key can then be leveraged to impersonate the server. This attack\nis detailed in the \"Imperfect Forward\nSecrecy: How Diffie-Hellman Fails in Practice\" paper and is known as the\n\"Logjam Attack.\"This issue was fixed in NSS version 3.19.1 by limiting the lower strength of\nsupported DHE keys to use 1023 bit primes.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000", "reference_id": "CVE-2015-4000", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-70", "reference_id": "mfsa2015-70", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-70" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4074?format=api", "purl": "pkg:deb/debian/openssl@1.0.1e-2%2Bdeb7u20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4197-62g5-8ka3" }, { "vulnerability": "VCID-448b-h78v-wfes" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-d1w5-8ktx-cubx" }, { "vulnerability": "VCID-dspw-qctj-jufk" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-fgmh-6g91-9qgv" }, { "vulnerability": "VCID-g1bm-2aj1-kff9" }, { "vulnerability": "VCID-k4k5-uhxu-gyc1" }, { "vulnerability": "VCID-m4ms-vh59-ufbd" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-rynq-d6tu-2ygg" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1e-2%252Bdeb7u20" }, { "url": "http://public2.vulnerablecode.io/api/packages/4379?format=api", "purl": "pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4197-62g5-8ka3" }, { "vulnerability": "VCID-448b-h78v-wfes" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-d1w5-8ktx-cubx" }, { "vulnerability": "VCID-dspw-qctj-jufk" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-fgmh-6g91-9qgv" }, { "vulnerability": "VCID-g1bm-2aj1-kff9" }, { "vulnerability": "VCID-k4k5-uhxu-gyc1" }, { "vulnerability": "VCID-m4ms-vh59-ufbd" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-rynq-d6tu-2ygg" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/5333?format=api", "purl": "pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1" } ], "aliases": [ "CVE-2015-4000" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7gkv-pu79-43hx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2961?format=api", "vulnerability_id": "VCID-81zk-xrsj-cufe", "summary": "Security researcher Karthikeyan Bhargavan reported an issue\nin Network Security Services (NSS) where MD5 signatures in the server signature within the\nTLS 1.2 ServerKeyExchange message are still accepted. This is an issue since NSS has\nofficially disallowed the accepting MD5 as a hash algorithm in signatures since 2011. This\nissues exposes NSS based clients such as Firefox to theoretical collision-based forgery\nattacks. This issue was fixed in NSS version 3.20.2.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575", "reference_id": "CVE-2015-7575", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-150", "reference_id": "mfsa2015-150", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-150" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4074?format=api", "purl": "pkg:deb/debian/openssl@1.0.1e-2%2Bdeb7u20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4197-62g5-8ka3" }, { "vulnerability": "VCID-448b-h78v-wfes" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-d1w5-8ktx-cubx" }, { "vulnerability": "VCID-dspw-qctj-jufk" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-fgmh-6g91-9qgv" }, { "vulnerability": "VCID-g1bm-2aj1-kff9" }, { "vulnerability": "VCID-k4k5-uhxu-gyc1" }, { "vulnerability": "VCID-m4ms-vh59-ufbd" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-rynq-d6tu-2ygg" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1e-2%252Bdeb7u20" }, { "url": "http://public2.vulnerablecode.io/api/packages/4378?format=api", "purl": "pkg:deb/debian/openssl@1.0.1k-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4197-62g5-8ka3" }, { "vulnerability": "VCID-448b-h78v-wfes" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-d1w5-8ktx-cubx" }, { "vulnerability": "VCID-dspw-qctj-jufk" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-fgmh-6g91-9qgv" }, { "vulnerability": "VCID-g1bm-2aj1-kff9" }, { "vulnerability": "VCID-k4k5-uhxu-gyc1" }, { "vulnerability": "VCID-m4ms-vh59-ufbd" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-rynq-d6tu-2ygg" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1k-3" } ], "aliases": [ "CVE-2015-7575" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-81zk-xrsj-cufe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5933?format=api", "vulnerability_id": "VCID-8fae-zjwu-47gz", "summary": "denial of service", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967" }, { "reference_url": "https://security.archlinux.org/ASA-202004-18", "reference_id": "ASA-202004-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202004-18" }, { "reference_url": "https://security.archlinux.org/ASA-202004-19", "reference_id": "ASA-202004-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202004-19" }, { "reference_url": "https://security.archlinux.org/AVG-1139", "reference_id": "AVG-1139", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1139" }, { "reference_url": "https://security.archlinux.org/AVG-1142", "reference_id": "AVG-1142", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1142" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5335?format=api", "purl": "pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3" } ], "aliases": [ "CVE-2020-1967" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8fae-zjwu-47gz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2223?format=api", "vulnerability_id": "VCID-atus-ryef-17h1", "summary": "Mozilla developers added support in the Network Security Services\nmodule for preventing a type of man-in-the-middle attack against TLS\nusing forced renegotiation.Note that to benefit from the fix, Firefox 3.6 and\nFirefox 3.5 users will need to set\ntheir security.ssl.require_safe_negotiation preference to\ntrue. Firefox 3 does not contain the fix for this issue.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "https://nginx.org/download/patch.cve-2009-3555.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.cve-2009-3555.txt" }, { "reference_url": "https://nginx.org/download/patch.cve-2009-3555.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.cve-2009-3555.txt.asc" }, { "reference_url": "https://tomcat.apache.org/security-7.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://tomcat.apache.org/security-7.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555", "reference_id": "CVE-2009-3555", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555", "reference_id": "CVE-2009-3555", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555" }, { "reference_url": "https://github.com/advisories/GHSA-f7w7-6pjc-wwm6", "reference_id": "GHSA-f7w7-6pjc-wwm6", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-f7w7-6pjc-wwm6" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-22", "reference_id": "mfsa2010-22", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-22" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4072?format=api", "purl": "pkg:deb/debian/openssl@0.9.8o-4squeeze14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4197-62g5-8ka3" }, { "vulnerability": "VCID-448b-h78v-wfes" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-d1w5-8ktx-cubx" }, { "vulnerability": "VCID-dspw-qctj-jufk" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-fgmh-6g91-9qgv" }, { "vulnerability": "VCID-g1bm-2aj1-kff9" }, { "vulnerability": "VCID-k4k5-uhxu-gyc1" }, { "vulnerability": "VCID-m4ms-vh59-ufbd" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-rynq-d6tu-2ygg" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8o-4squeeze14" } ], "aliases": [ "CVE-2009-3555", "GHSA-f7w7-6pjc-wwm6", "VU#120541" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-atus-ryef-17h1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6783?format=api", "vulnerability_id": "VCID-d1w5-8ktx-cubx", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4379?format=api", "purl": "pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4197-62g5-8ka3" }, { "vulnerability": "VCID-448b-h78v-wfes" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-d1w5-8ktx-cubx" }, { "vulnerability": "VCID-dspw-qctj-jufk" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-fgmh-6g91-9qgv" }, { "vulnerability": "VCID-g1bm-2aj1-kff9" }, { "vulnerability": "VCID-k4k5-uhxu-gyc1" }, { "vulnerability": "VCID-m4ms-vh59-ufbd" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-rynq-d6tu-2ygg" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/5333?format=api", "purl": "pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1" } ], "aliases": [ "CVE-2016-2180" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d1w5-8ktx-cubx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6781?format=api", "vulnerability_id": "VCID-dspw-qctj-jufk", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4379?format=api", "purl": "pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4197-62g5-8ka3" }, { "vulnerability": "VCID-448b-h78v-wfes" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-d1w5-8ktx-cubx" }, { "vulnerability": "VCID-dspw-qctj-jufk" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-fgmh-6g91-9qgv" }, { "vulnerability": "VCID-g1bm-2aj1-kff9" }, { "vulnerability": "VCID-k4k5-uhxu-gyc1" }, { "vulnerability": "VCID-m4ms-vh59-ufbd" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-rynq-d6tu-2ygg" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/5333?format=api", "purl": "pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1" } ], "aliases": [ "CVE-2016-2182" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dspw-qctj-jufk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6655?format=api", "vulnerability_id": "VCID-e6jy-vxau-jfba", "summary": "denial of service", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7053", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7053" }, { "reference_url": "https://security.archlinux.org/AVG-143", "reference_id": "AVG-143", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-143" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5334?format=api", "purl": "pkg:deb/debian/openssl@1.1.0l-1~deb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0l-1~deb9u1" } ], "aliases": [ "CVE-2016-7053" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6jy-vxau-jfba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6827?format=api", "vulnerability_id": "VCID-erdm-7pfg-e7hc", "summary": "", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23" }, { "reference_url": "https://www.openssl.org/news/secadv/20220503.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.openssl.org/news/secadv/20220503.txt" }, { "reference_url": "https://security.archlinux.org/AVG-2702", "reference_id": "AVG-2702", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2702" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292", "reference_id": "CVE-2022-1292", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1292" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5335?format=api", "purl": "pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3" } ], "aliases": [ "CVE-2022-1292" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-erdm-7pfg-e7hc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5766?format=api", "vulnerability_id": "VCID-fb66-4fr3-xye7", "summary": "denial of service", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971" }, { "reference_url": "https://security.archlinux.org/ASA-202012-24", "reference_id": "ASA-202012-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202012-24" }, { "reference_url": "https://security.archlinux.org/AVG-1335", "reference_id": "AVG-1335", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1335" }, { "reference_url": "https://security.archlinux.org/AVG-1404", "reference_id": "AVG-1404", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1404" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5335?format=api", "purl": "pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3" } ], "aliases": [ "CVE-2020-1971" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fb66-4fr3-xye7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6779?format=api", "vulnerability_id": "VCID-fgmh-6g91-9qgv", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4379?format=api", "purl": "pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4197-62g5-8ka3" }, { "vulnerability": "VCID-448b-h78v-wfes" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-d1w5-8ktx-cubx" }, { "vulnerability": "VCID-dspw-qctj-jufk" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-fgmh-6g91-9qgv" }, { "vulnerability": "VCID-g1bm-2aj1-kff9" }, { "vulnerability": "VCID-k4k5-uhxu-gyc1" }, { "vulnerability": "VCID-m4ms-vh59-ufbd" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-rynq-d6tu-2ygg" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/5333?format=api", "purl": "pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1" } ], "aliases": [ "CVE-2016-6302" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fgmh-6g91-9qgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6778?format=api", "vulnerability_id": "VCID-g1bm-2aj1-kff9", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4379?format=api", "purl": "pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4197-62g5-8ka3" }, { "vulnerability": "VCID-448b-h78v-wfes" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-d1w5-8ktx-cubx" }, { "vulnerability": "VCID-dspw-qctj-jufk" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-fgmh-6g91-9qgv" }, { "vulnerability": "VCID-g1bm-2aj1-kff9" }, { "vulnerability": "VCID-k4k5-uhxu-gyc1" }, { "vulnerability": "VCID-m4ms-vh59-ufbd" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-rynq-d6tu-2ygg" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/5333?format=api", "purl": "pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1" } ], "aliases": [ "CVE-2016-6303" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g1bm-2aj1-kff9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6784?format=api", "vulnerability_id": "VCID-k4k5-uhxu-gyc1", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4379?format=api", "purl": "pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4197-62g5-8ka3" }, { "vulnerability": "VCID-448b-h78v-wfes" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-d1w5-8ktx-cubx" }, { "vulnerability": "VCID-dspw-qctj-jufk" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-fgmh-6g91-9qgv" }, { "vulnerability": "VCID-g1bm-2aj1-kff9" }, { "vulnerability": "VCID-k4k5-uhxu-gyc1" }, { "vulnerability": "VCID-m4ms-vh59-ufbd" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-rynq-d6tu-2ygg" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/5333?format=api", "purl": "pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1" } ], "aliases": [ "CVE-2016-2179" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k4k5-uhxu-gyc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6776?format=api", "vulnerability_id": "VCID-m4ms-vh59-ufbd", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4379?format=api", "purl": "pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4197-62g5-8ka3" }, { "vulnerability": "VCID-448b-h78v-wfes" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-d1w5-8ktx-cubx" }, { "vulnerability": "VCID-dspw-qctj-jufk" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-fgmh-6g91-9qgv" }, { "vulnerability": "VCID-g1bm-2aj1-kff9" }, { "vulnerability": "VCID-k4k5-uhxu-gyc1" }, { "vulnerability": "VCID-m4ms-vh59-ufbd" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-rynq-d6tu-2ygg" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/5333?format=api", "purl": "pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1" } ], "aliases": [ "CVE-2016-6306" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m4ms-vh59-ufbd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5286?format=api", "vulnerability_id": "VCID-n1r2-zqmn-2ufh", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712" }, { "reference_url": "https://www.openssl.org/news/secadv/20210824.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.openssl.org/news/secadv/20210824.txt" }, { "reference_url": "https://security.archlinux.org/AVG-2315", "reference_id": "AVG-2315", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2315" }, { "reference_url": "https://security.archlinux.org/AVG-2316", "reference_id": "AVG-2316", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2316" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711", "reference_id": "CVE-2021-3711", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3711" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5335?format=api", "purl": "pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3" } ], "aliases": [ "CVE-2021-3711" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n1r2-zqmn-2ufh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6785?format=api", "vulnerability_id": "VCID-rynq-d6tu-2ygg", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306" }, { "reference_url": "https://security.archlinux.org/ASA-201609-23", "reference_id": "ASA-201609-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-23" }, { "reference_url": "https://security.archlinux.org/ASA-201609-24", "reference_id": "ASA-201609-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-24" }, { "reference_url": "https://security.archlinux.org/AVG-29", "reference_id": "AVG-29", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-29" }, { "reference_url": "https://security.archlinux.org/AVG-30", "reference_id": "AVG-30", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-30" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4379?format=api", "purl": "pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4197-62g5-8ka3" }, { "vulnerability": "VCID-448b-h78v-wfes" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-d1w5-8ktx-cubx" }, { "vulnerability": "VCID-dspw-qctj-jufk" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-fgmh-6g91-9qgv" }, { "vulnerability": "VCID-g1bm-2aj1-kff9" }, { "vulnerability": "VCID-k4k5-uhxu-gyc1" }, { "vulnerability": "VCID-m4ms-vh59-ufbd" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-rynq-d6tu-2ygg" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/5333?format=api", "purl": "pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1" } ], "aliases": [ "CVE-2016-2178" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rynq-d6tu-2ygg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5285?format=api", "vulnerability_id": "VCID-uw52-vah8-uqda", "summary": "multiple issues", "references": [ { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366" }, { "reference_url": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210827-0010/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20210827-0010/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4963", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2021/dsa-4963" }, { "reference_url": "https://www.openssl.org/news/secadv/20210824.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.openssl.org/news/secadv/20210824.txt" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://www.tenable.com/security/tns-2021-16", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2021-16" }, { "reference_url": "https://www.tenable.com/security/tns-2022-02", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2022-02" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/08/26/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2021/08/26/2" }, { "reference_url": "https://security.archlinux.org/AVG-2315", "reference_id": "AVG-2315", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2315" }, { "reference_url": "https://security.archlinux.org/AVG-2316", "reference_id": "AVG-2316", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2316" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712", "reference_id": "CVE-2021-3712", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5335?format=api", "purl": "pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3" } ], "aliases": [ "CVE-2021-3712" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uw52-vah8-uqda" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2531?format=api", "vulnerability_id": "VCID-r6gj-vbqr-g7b7", "summary": "Philip Mackenzie and Marius Schilder of Google informed us of Daniel Bleichenbacher's\nrecent presentation of a common implementation error in RSA signature verification,\na failure to account for extra data in the signature. For signatures with a small\nexponent such as 3 it is possible for an attacker to calculate a value for this extra data to make an altered message appear to be correctly signed, allowing the signature to be forged.\nMozilla's Network Security Services (NSS) library was vulnerable to this flaw.Because the set of root Certificate Authorities that ship with Mozilla clients\ncontain some with an exponent of 3 it was possible to make up certificates,\nsuch as SSL/TLS and email certificates, that were not detected as invalid.\nThis raised the possibility of the sort of Man-in-the-Middle attacks\nSSL/TLS was invented to prevent.We thank Philip Mackenzie and Marius Schilder for bringing\nthis result to our attention and working with us to ensure the NSS library was\nsafe from variations on this basic attack.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339", "reference_id": "CVE-2006-4339", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2006-60", "reference_id": "mfsa2006-60", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2006-60" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4069?format=api", "purl": "pkg:deb/debian/openssl@0.9.8c-4etch3%2Bm68k1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-249a-9kqa-p7an" }, { "vulnerability": "VCID-3pke-7yer-87hz" }, { "vulnerability": "VCID-4197-62g5-8ka3" }, { "vulnerability": "VCID-448b-h78v-wfes" }, { "vulnerability": "VCID-4pe4-89ss-57am" }, { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-8fae-zjwu-47gz" }, { "vulnerability": "VCID-atus-ryef-17h1" }, { "vulnerability": "VCID-d1w5-8ktx-cubx" }, { "vulnerability": "VCID-dspw-qctj-jufk" }, { "vulnerability": "VCID-e6jy-vxau-jfba" }, { "vulnerability": "VCID-erdm-7pfg-e7hc" }, { "vulnerability": "VCID-fb66-4fr3-xye7" }, { "vulnerability": "VCID-fgmh-6g91-9qgv" }, { "vulnerability": "VCID-g1bm-2aj1-kff9" }, { "vulnerability": "VCID-k4k5-uhxu-gyc1" }, { "vulnerability": "VCID-m4ms-vh59-ufbd" }, { "vulnerability": "VCID-n1r2-zqmn-2ufh" }, { "vulnerability": "VCID-rynq-d6tu-2ygg" }, { "vulnerability": "VCID-uw52-vah8-uqda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8c-4etch3%252Bm68k1" } ], "aliases": [ "CVE-2006-4339" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r6gj-vbqr-g7b7" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0.9.8c-4etch3%252Bm68k1" }