Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/openjdk-6@6b38-1.13.10-1~deb6u1

Type deb

Namespace debian

Name openjdk-6

Version 6b38-1.13.10-1~deb6u1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 6b38-1.13.10-1~deb7u1

Latest_non_vulnerable_version 6b38-1.13.10-1~deb7u1

Affected_by_vulnerabilities

url VCID-81zk-xrsj-cufe

vulnerability_id VCID-81zk-xrsj-cufe

summary

Security researcher Karthikeyan Bhargavan reported an issue
in Network Security Services (NSS) where MD5 signatures in the server signature within the
TLS 1.2 ServerKeyExchange message are still accepted. This is an issue since NSS has
officially disallowed the accepting MD5 as a hash algorithm in signatures since 2011. This
issues exposes NSS based clients such as Firefox to theoretical collision-based forgery
attacks. This issue was fixed in NSS version 3.20.2.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id	CVE-2015-7575
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-150

reference_id

mfsa2015-150

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-150

fixed_packages

url	pkg:deb/debian/openjdk-6@6b38-1.13.10-1~deb7u1
purl	pkg:deb/debian/openjdk-6@6b38-1.13.10-1~deb7u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-6@6b38-1.13.10-1~deb7u1

aliases CVE-2015-7575

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-81zk-xrsj-cufe

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-6@6b38-1.13.10-1~deb6u1

Package Instance