Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main

Type apk

Namespace alpine

Name openssl

Version 3.3.6-r0

Qualifiers

arch	x86_64
distroversion	v3.20
reponame	main

Subpath

Is_vulnerable false

Next_non_vulnerable_version 3.3.7-r0

Latest_non_vulnerable_version 3.3.7-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-3u2b-yumu-rkcd

vulnerability_id VCID-3u2b-yumu-rkcd

summary openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15468.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15468.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-15468

reference_id

reference_type

scores

value	0.00021
scoring_system	epss
scoring_elements	0.05649
published_at	2026-04-04T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05609
published_at	2026-04-02T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05935
published_at	2026-04-13T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05895
published_at	2026-04-07T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05933
published_at	2026-04-08T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05972
published_at	2026-04-09T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05954
published_at	2026-04-11T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05944
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-15468

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/openssl/openssl/commit/1f08e54bad32843044fe8a675948d65e3b4ece65

reference_id

1f08e54bad32843044fe8a675948d65e3b4ece65

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:52:10Z/

url

https://github.com/openssl/openssl/commit/1f08e54bad32843044fe8a675948d65e3b4ece65

reference_url

https://openssl-library.org/news/secadv/20260127.txt

reference_id

20260127.txt

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:52:10Z/

url

https://openssl-library.org/news/secadv/20260127.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2430377
reference_id	2430377
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2430377

reference_url

https://github.com/openssl/openssl/commit/7c88376731c589ee5b36116c5a6e32d5ae5f7ae2

reference_id

7c88376731c589ee5b36116c5a6e32d5ae5f7ae2

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:52:10Z/

url

https://github.com/openssl/openssl/commit/7c88376731c589ee5b36116c5a6e32d5ae5f7ae2

reference_url

https://github.com/openssl/openssl/commit/b2539639400288a4580fe2d76247541b976bade4

reference_id

b2539639400288a4580fe2d76247541b976bade4

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:52:10Z/

url

https://github.com/openssl/openssl/commit/b2539639400288a4580fe2d76247541b976bade4

reference_url

https://github.com/openssl/openssl/commit/d75b309879631d45b972396ce4e5102559c64ac7

reference_id

d75b309879631d45b972396ce4e5102559c64ac7

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:52:10Z/

url

https://github.com/openssl/openssl/commit/d75b309879631d45b972396ce4e5102559c64ac7

reference_url	https://access.redhat.com/errata/RHSA-2026:1472
reference_id	RHSA-2026:1472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1472

reference_url	https://access.redhat.com/errata/RHSA-2026:1473
reference_id	RHSA-2026:1473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1473

reference_url	https://access.redhat.com/errata/RHSA-2026:1736
reference_id	RHSA-2026:1736
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1736

reference_url	https://access.redhat.com/errata/RHSA-2026:2485
reference_id	RHSA-2026:2485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2485

reference_url	https://access.redhat.com/errata/RHSA-2026:2563
reference_id	RHSA-2026:2563
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2563

reference_url	https://access.redhat.com/errata/RHSA-2026:3228
reference_id	RHSA-2026:3228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3228

reference_url	https://access.redhat.com/errata/RHSA-2026:4943
reference_id	RHSA-2026:4943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4943

reference_url	https://usn.ubuntu.com/7980-1/
reference_id	USN-7980-1
reference_type
scores
url	https://usn.ubuntu.com/7980-1/

fixed_packages

url	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.3.6-r0%3Farch=x86_64&distroversion=v3.20&reponame=main

aliases CVE-2025-15468

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3u2b-yumu-rkcd

url VCID-6mua-rkdu-87ay

vulnerability_id VCID-6mua-rkdu-87ay

summary openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68160.json

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68160.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-68160

reference_id

reference_type

scores

value	0.00024
scoring_system	epss
scoring_elements	0.06359
published_at	2026-04-04T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06326
published_at	2026-04-02T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07798
published_at	2026-04-13T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07753
published_at	2026-04-07T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07812
published_at	2026-04-08T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07829
published_at	2026-04-09T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07824
published_at	2026-04-11T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07811
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-68160

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://openssl-library.org/news/secadv/20260127.txt

reference_id

20260127.txt

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:04:54Z/

url

https://openssl-library.org/news/secadv/20260127.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2430380
reference_id	2430380
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2430380

reference_url

https://github.com/openssl/openssl/commit/384011202af92605d926fafe4a0bcd6b65d162ad

reference_id

384011202af92605d926fafe4a0bcd6b65d162ad

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:04:54Z/

url

https://github.com/openssl/openssl/commit/384011202af92605d926fafe4a0bcd6b65d162ad

reference_url

https://github.com/openssl/openssl/commit/475c466ef2fbd8fc1df6fae1c3eed9c813fc8ff6

reference_id

475c466ef2fbd8fc1df6fae1c3eed9c813fc8ff6

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:04:54Z/

url

https://github.com/openssl/openssl/commit/475c466ef2fbd8fc1df6fae1c3eed9c813fc8ff6

reference_url

https://github.com/openssl/openssl/commit/4c96fbba618e1940f038012506ee9e21d32ee12c

reference_id

4c96fbba618e1940f038012506ee9e21d32ee12c

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:04:54Z/

url

https://github.com/openssl/openssl/commit/4c96fbba618e1940f038012506ee9e21d32ee12c

reference_url

https://github.com/openssl/openssl/commit/6845c3b6460a98b1ec4e463baa2ea1a63a32d7c0

reference_id

6845c3b6460a98b1ec4e463baa2ea1a63a32d7c0

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:04:54Z/

url

https://github.com/openssl/openssl/commit/6845c3b6460a98b1ec4e463baa2ea1a63a32d7c0

reference_url

https://github.com/openssl/openssl/commit/68a7cd2e2816c3a02f4d45a2ce43fc04fac97096

reference_id

68a7cd2e2816c3a02f4d45a2ce43fc04fac97096

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:04:54Z/

url

https://github.com/openssl/openssl/commit/68a7cd2e2816c3a02f4d45a2ce43fc04fac97096

reference_url	https://access.redhat.com/errata/RHSA-2026:1472
reference_id	RHSA-2026:1472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1472

reference_url	https://access.redhat.com/errata/RHSA-2026:1473
reference_id	RHSA-2026:1473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1473

reference_url	https://access.redhat.com/errata/RHSA-2026:1736
reference_id	RHSA-2026:1736
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1736

reference_url	https://access.redhat.com/errata/RHSA-2026:2485
reference_id	RHSA-2026:2485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2485

reference_url	https://access.redhat.com/errata/RHSA-2026:2563
reference_id	RHSA-2026:2563
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2563

reference_url	https://access.redhat.com/errata/RHSA-2026:3228
reference_id	RHSA-2026:3228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3228

reference_url	https://access.redhat.com/errata/RHSA-2026:4943
reference_id	RHSA-2026:4943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4943

reference_url	https://usn.ubuntu.com/7980-1/
reference_id	USN-7980-1
reference_type
scores
url	https://usn.ubuntu.com/7980-1/

reference_url	https://usn.ubuntu.com/7980-2/
reference_id	USN-7980-2
reference_type
scores
url	https://usn.ubuntu.com/7980-2/

fixed_packages

url	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.3.6-r0%3Farch=x86_64&distroversion=v3.20&reponame=main

aliases CVE-2025-68160

risk_score 2.1

exploitability 0.5

weighted_severity 4.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6mua-rkdu-87ay

url VCID-7xwq-vdej-ayg1

vulnerability_id VCID-7xwq-vdej-ayg1

summary openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22796.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22796.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-22796

reference_id

reference_type

scores

value	0.00112
scoring_system	epss
scoring_elements	0.29759
published_at	2026-04-04T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29708
published_at	2026-04-02T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30333
published_at	2026-04-13T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30329
published_at	2026-04-07T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30388
published_at	2026-04-08T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30423
published_at	2026-04-09T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30425
published_at	2026-04-11T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30381
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-22796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://openssl-library.org/news/secadv/20260127.txt

reference_id

20260127.txt

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-27T16:27:50Z/

url

https://openssl-library.org/news/secadv/20260127.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2430390
reference_id	2430390
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2430390

reference_url

https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4

reference_id

2502e7b7d4c0cf4f972a881641fe09edc67aeec4

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-27T16:27:50Z/

url

https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4

reference_url

https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49

reference_id

572844beca95068394c916626a6d3a490f831a49

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-27T16:27:50Z/

url

https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49

reference_url

https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12

reference_id

7bbca05be55b129651d9df4bdb92becc45002c12

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-27T16:27:50Z/

url

https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12

reference_url

https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e

reference_id

eeee3cbd4d682095ed431052f00403004596373e

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-27T16:27:50Z/

url

https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e

reference_url

https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2

reference_id

ef2fb66ec571564d64d1c74a12e388a2a54d05d2

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-27T16:27:50Z/

url

https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2

reference_url	https://access.redhat.com/errata/RHSA-2026:1472
reference_id	RHSA-2026:1472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1472

reference_url	https://access.redhat.com/errata/RHSA-2026:1473
reference_id	RHSA-2026:1473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1473

reference_url	https://access.redhat.com/errata/RHSA-2026:1736
reference_id	RHSA-2026:1736
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1736

reference_url	https://access.redhat.com/errata/RHSA-2026:2485
reference_id	RHSA-2026:2485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2485

reference_url	https://access.redhat.com/errata/RHSA-2026:2563
reference_id	RHSA-2026:2563
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2563

reference_url	https://access.redhat.com/errata/RHSA-2026:3228
reference_id	RHSA-2026:3228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3228

reference_url	https://access.redhat.com/errata/RHSA-2026:4943
reference_id	RHSA-2026:4943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4943

reference_url	https://usn.ubuntu.com/7980-1/
reference_id	USN-7980-1
reference_type
scores
url	https://usn.ubuntu.com/7980-1/

reference_url	https://usn.ubuntu.com/7980-2/
reference_id	USN-7980-2
reference_type
scores
url	https://usn.ubuntu.com/7980-2/

fixed_packages

url	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.3.6-r0%3Farch=x86_64&distroversion=v3.20&reponame=main

aliases CVE-2026-22796

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7xwq-vdej-ayg1

url VCID-antn-nu5a-7yf6

vulnerability_id VCID-antn-nu5a-7yf6

summary openssl: OpenSSL: Denial of Service via malformed TimeStamp Response

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69420.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69420.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-69420

reference_id

reference_type

scores

value	0.0029
scoring_system	epss
scoring_elements	0.52364
published_at	2026-04-04T12:55:00Z

value	0.0029
scoring_system	epss
scoring_elements	0.52336
published_at	2026-04-02T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53576
published_at	2026-04-13T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53515
published_at	2026-04-07T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53565
published_at	2026-04-08T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53561
published_at	2026-04-09T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53611
published_at	2026-04-11T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53594
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-69420

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://openssl-library.org/news/secadv/20260127.txt

reference_id

20260127.txt

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T19:33:06Z/

url

https://openssl-library.org/news/secadv/20260127.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2430388
reference_id	2430388
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2430388

reference_url

https://github.com/openssl/openssl/commit/27c7012c91cc986a598d7540f3079dfde2416eb9

reference_id

27c7012c91cc986a598d7540f3079dfde2416eb9

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T19:33:06Z/

url

https://github.com/openssl/openssl/commit/27c7012c91cc986a598d7540f3079dfde2416eb9

reference_url

https://github.com/openssl/openssl/commit/4e254b48ad93cc092be3dd62d97015f33f73133a

reference_id

4e254b48ad93cc092be3dd62d97015f33f73133a

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T19:33:06Z/

url

https://github.com/openssl/openssl/commit/4e254b48ad93cc092be3dd62d97015f33f73133a

reference_url

https://github.com/openssl/openssl/commit/564fd9c73787f25693bf9e75faf7bf6bb1305d4e

reference_id

564fd9c73787f25693bf9e75faf7bf6bb1305d4e

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T19:33:06Z/

url

https://github.com/openssl/openssl/commit/564fd9c73787f25693bf9e75faf7bf6bb1305d4e

reference_url

https://github.com/openssl/openssl/commit/5eb0770ffcf11b785cf374ff3c19196245e54f1b

reference_id

5eb0770ffcf11b785cf374ff3c19196245e54f1b

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T19:33:06Z/

url

https://github.com/openssl/openssl/commit/5eb0770ffcf11b785cf374ff3c19196245e54f1b

reference_url

https://github.com/openssl/openssl/commit/a99349ebfc519999edc50620abe24d599b9eb085

reference_id

a99349ebfc519999edc50620abe24d599b9eb085

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T19:33:06Z/

url

https://github.com/openssl/openssl/commit/a99349ebfc519999edc50620abe24d599b9eb085

reference_url	https://access.redhat.com/errata/RHSA-2026:1472
reference_id	RHSA-2026:1472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1472

reference_url	https://access.redhat.com/errata/RHSA-2026:1473
reference_id	RHSA-2026:1473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1473

reference_url	https://access.redhat.com/errata/RHSA-2026:1736
reference_id	RHSA-2026:1736
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1736

reference_url	https://access.redhat.com/errata/RHSA-2026:2485
reference_id	RHSA-2026:2485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2485

reference_url	https://access.redhat.com/errata/RHSA-2026:2563
reference_id	RHSA-2026:2563
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2563

reference_url	https://access.redhat.com/errata/RHSA-2026:3228
reference_id	RHSA-2026:3228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3228

reference_url	https://access.redhat.com/errata/RHSA-2026:4943
reference_id	RHSA-2026:4943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4943

reference_url	https://usn.ubuntu.com/7980-1/
reference_id	USN-7980-1
reference_type
scores
url	https://usn.ubuntu.com/7980-1/

reference_url	https://usn.ubuntu.com/7980-2/
reference_id	USN-7980-2
reference_type
scores
url	https://usn.ubuntu.com/7980-2/

fixed_packages

url	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.3.6-r0%3Farch=x86_64&distroversion=v3.20&reponame=main

aliases CVE-2025-69420

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-antn-nu5a-7yf6

url VCID-chgr-9utt-kqbp

vulnerability_id VCID-chgr-9utt-kqbp

summary openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69419.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69419.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-69419

reference_id

reference_type

scores

value	0.0006
scoring_system	epss
scoring_elements	0.19079
published_at	2026-04-04T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.19027
published_at	2026-04-02T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19551
published_at	2026-04-13T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19521
published_at	2026-04-07T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19602
published_at	2026-04-08T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19654
published_at	2026-04-09T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19659
published_at	2026-04-11T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.1961
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-69419

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://openssl-library.org/news/secadv/20260127.txt

reference_id

20260127.txt

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T15:09:04Z/

url

https://openssl-library.org/news/secadv/20260127.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2430386
reference_id	2430386
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2430386

reference_url

https://github.com/openssl/openssl/commit/41be0f216404f14457bbf3b9cc488dba60b49296

reference_id

41be0f216404f14457bbf3b9cc488dba60b49296

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T15:09:04Z/

url

https://github.com/openssl/openssl/commit/41be0f216404f14457bbf3b9cc488dba60b49296

reference_url

https://github.com/openssl/openssl/commit/7e9cac9832e4705b91987c2474ed06a37a93cecb

reference_id

7e9cac9832e4705b91987c2474ed06a37a93cecb

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T15:09:04Z/

url

https://github.com/openssl/openssl/commit/7e9cac9832e4705b91987c2474ed06a37a93cecb

reference_url

https://github.com/openssl/openssl/commit/a26a90d38edec3748566129d824e664b54bee2e2

reference_id

a26a90d38edec3748566129d824e664b54bee2e2

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T15:09:04Z/

url

https://github.com/openssl/openssl/commit/a26a90d38edec3748566129d824e664b54bee2e2

reference_url

https://github.com/openssl/openssl/commit/cda12de3bc0e333ea8d2c6fd15001dbdaf280015

reference_id

cda12de3bc0e333ea8d2c6fd15001dbdaf280015

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T15:09:04Z/

url

https://github.com/openssl/openssl/commit/cda12de3bc0e333ea8d2c6fd15001dbdaf280015

reference_url

https://github.com/openssl/openssl/commit/ff628933755075446bca8307e8417c14d164b535

reference_id

ff628933755075446bca8307e8417c14d164b535

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T15:09:04Z/

url

https://github.com/openssl/openssl/commit/ff628933755075446bca8307e8417c14d164b535

reference_url	https://access.redhat.com/errata/RHSA-2026:1472
reference_id	RHSA-2026:1472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1472

reference_url	https://access.redhat.com/errata/RHSA-2026:1473
reference_id	RHSA-2026:1473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1473

reference_url	https://access.redhat.com/errata/RHSA-2026:1496
reference_id	RHSA-2026:1496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1496

reference_url	https://access.redhat.com/errata/RHSA-2026:1503
reference_id	RHSA-2026:1503
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1503

reference_url	https://access.redhat.com/errata/RHSA-2026:1519
reference_id	RHSA-2026:1519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1519

reference_url	https://access.redhat.com/errata/RHSA-2026:1594
reference_id	RHSA-2026:1594
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1594

reference_url	https://access.redhat.com/errata/RHSA-2026:1733
reference_id	RHSA-2026:1733
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1733

reference_url	https://access.redhat.com/errata/RHSA-2026:1736
reference_id	RHSA-2026:1736
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1736

reference_url	https://access.redhat.com/errata/RHSA-2026:2485
reference_id	RHSA-2026:2485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2485

reference_url	https://access.redhat.com/errata/RHSA-2026:2563
reference_id	RHSA-2026:2563
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2563

reference_url	https://access.redhat.com/errata/RHSA-2026:2994
reference_id	RHSA-2026:2994
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2994

reference_url	https://access.redhat.com/errata/RHSA-2026:2995
reference_id	RHSA-2026:2995
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2995

reference_url	https://access.redhat.com/errata/RHSA-2026:3042
reference_id	RHSA-2026:3042
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3042

reference_url	https://access.redhat.com/errata/RHSA-2026:3228
reference_id	RHSA-2026:3228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3228

reference_url	https://access.redhat.com/errata/RHSA-2026:3364
reference_id	RHSA-2026:3364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3364

reference_url	https://access.redhat.com/errata/RHSA-2026:3437
reference_id	RHSA-2026:3437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3437

reference_url	https://access.redhat.com/errata/RHSA-2026:3861
reference_id	RHSA-2026:3861
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3861

reference_url	https://access.redhat.com/errata/RHSA-2026:4163
reference_id	RHSA-2026:4163
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4163

reference_url	https://access.redhat.com/errata/RHSA-2026:4214
reference_id	RHSA-2026:4214
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4214

reference_url	https://access.redhat.com/errata/RHSA-2026:4472
reference_id	RHSA-2026:4472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4472

reference_url	https://access.redhat.com/errata/RHSA-2026:4824
reference_id	RHSA-2026:4824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4824

reference_url	https://access.redhat.com/errata/RHSA-2026:4825
reference_id	RHSA-2026:4825
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4825

reference_url	https://access.redhat.com/errata/RHSA-2026:4943
reference_id	RHSA-2026:4943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4943

reference_url	https://access.redhat.com/errata/RHSA-2026:5214
reference_id	RHSA-2026:5214
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5214

reference_url	https://access.redhat.com/errata/RHSA-2026:5217
reference_id	RHSA-2026:5217
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5217

reference_url	https://access.redhat.com/errata/RHSA-2026:5873
reference_id	RHSA-2026:5873
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5873

reference_url	https://usn.ubuntu.com/7980-1/
reference_id	USN-7980-1
reference_type
scores
url	https://usn.ubuntu.com/7980-1/

reference_url	https://usn.ubuntu.com/7980-2/
reference_id	USN-7980-2
reference_type
scores
url	https://usn.ubuntu.com/7980-2/

fixed_packages

url	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.3.6-r0%3Farch=x86_64&distroversion=v3.20&reponame=main

aliases CVE-2025-69419

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-chgr-9utt-kqbp

url VCID-d4rs-rag3-cfcy

vulnerability_id VCID-d4rs-rag3-cfcy

summary openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15467.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15467.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-15467

reference_id

reference_type

scores

value	0.00705
scoring_system	epss
scoring_elements	0.7212
published_at	2026-04-13T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.72078
published_at	2026-04-07T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.72116
published_at	2026-04-08T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.72127
published_at	2026-04-09T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.7215
published_at	2026-04-11T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.72135
published_at	2026-04-12T12:55:00Z

value	0.00819
scoring_system	epss
scoring_elements	0.7436
published_at	2026-04-04T12:55:00Z

value	0.00819
scoring_system	epss
scoring_elements	0.74333
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-15467

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://openssl-library.org/news/secadv/20260127.txt

reference_id

20260127.txt

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-19T18:39:38Z/

url

https://openssl-library.org/news/secadv/20260127.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2430376
reference_id	2430376
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2430376

reference_url

https://github.com/openssl/openssl/commit/2c8f0e5fa9b6ee5508a0349e4572ddb74db5a703

reference_id

2c8f0e5fa9b6ee5508a0349e4572ddb74db5a703

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-19T18:39:38Z/

url

https://github.com/openssl/openssl/commit/2c8f0e5fa9b6ee5508a0349e4572ddb74db5a703

reference_url

https://github.com/openssl/openssl/commit/5f26d4202f5b89664c5c3f3c62086276026ba9a9

reference_id

5f26d4202f5b89664c5c3f3c62086276026ba9a9

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-19T18:39:38Z/

url

https://github.com/openssl/openssl/commit/5f26d4202f5b89664c5c3f3c62086276026ba9a9

reference_url

https://github.com/openssl/openssl/commit/6ced0fe6b10faa560e410e3ee8d6c82f06c65ea3

reference_id

6ced0fe6b10faa560e410e3ee8d6c82f06c65ea3

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-19T18:39:38Z/

url

https://github.com/openssl/openssl/commit/6ced0fe6b10faa560e410e3ee8d6c82f06c65ea3

reference_url

https://github.com/openssl/openssl/commit/ce39170276daec87f55c39dad1f629b56344429e

reference_id

ce39170276daec87f55c39dad1f629b56344429e

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-19T18:39:38Z/

url

https://github.com/openssl/openssl/commit/ce39170276daec87f55c39dad1f629b56344429e

reference_url

https://github.com/openssl/openssl/commit/d0071a0799f20cc8101730145349ed4487c268dc

reference_id

d0071a0799f20cc8101730145349ed4487c268dc

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-19T18:39:38Z/

url

https://github.com/openssl/openssl/commit/d0071a0799f20cc8101730145349ed4487c268dc

reference_url	https://access.redhat.com/errata/RHSA-2026:1472
reference_id	RHSA-2026:1472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1472

reference_url	https://access.redhat.com/errata/RHSA-2026:1473
reference_id	RHSA-2026:1473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1473

reference_url	https://access.redhat.com/errata/RHSA-2026:1496
reference_id	RHSA-2026:1496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1496

reference_url	https://access.redhat.com/errata/RHSA-2026:1503
reference_id	RHSA-2026:1503
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1503

reference_url	https://access.redhat.com/errata/RHSA-2026:1519
reference_id	RHSA-2026:1519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1519

reference_url	https://access.redhat.com/errata/RHSA-2026:1594
reference_id	RHSA-2026:1594
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1594

reference_url	https://access.redhat.com/errata/RHSA-2026:1733
reference_id	RHSA-2026:1733
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1733

reference_url	https://access.redhat.com/errata/RHSA-2026:1736
reference_id	RHSA-2026:1736
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1736

reference_url	https://access.redhat.com/errata/RHSA-2026:2072
reference_id	RHSA-2026:2072
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2072

reference_url	https://access.redhat.com/errata/RHSA-2026:2077
reference_id	RHSA-2026:2077
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2077

reference_url	https://access.redhat.com/errata/RHSA-2026:2485
reference_id	RHSA-2026:2485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2485

reference_url	https://access.redhat.com/errata/RHSA-2026:2563
reference_id	RHSA-2026:2563
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2563

reference_url	https://access.redhat.com/errata/RHSA-2026:2633
reference_id	RHSA-2026:2633
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2633

reference_url	https://access.redhat.com/errata/RHSA-2026:2659
reference_id	RHSA-2026:2659
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2659

reference_url	https://access.redhat.com/errata/RHSA-2026:2671
reference_id	RHSA-2026:2671
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2671

reference_url	https://access.redhat.com/errata/RHSA-2026:2844
reference_id	RHSA-2026:2844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2844

reference_url	https://access.redhat.com/errata/RHSA-2026:2974
reference_id	RHSA-2026:2974
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2974

reference_url	https://access.redhat.com/errata/RHSA-2026:2995
reference_id	RHSA-2026:2995
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2995

reference_url	https://access.redhat.com/errata/RHSA-2026:3228
reference_id	RHSA-2026:3228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3228

reference_url	https://access.redhat.com/errata/RHSA-2026:3415
reference_id	RHSA-2026:3415
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3415

reference_url	https://access.redhat.com/errata/RHSA-2026:3461
reference_id	RHSA-2026:3461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3461

reference_url	https://access.redhat.com/errata/RHSA-2026:3462
reference_id	RHSA-2026:3462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3462

reference_url	https://access.redhat.com/errata/RHSA-2026:4419
reference_id	RHSA-2026:4419
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4419

reference_url	https://access.redhat.com/errata/RHSA-2026:4943
reference_id	RHSA-2026:4943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4943

reference_url	https://access.redhat.com/errata/RHSA-2026:6481
reference_id	RHSA-2026:6481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6481

reference_url	https://usn.ubuntu.com/7980-1/
reference_id	USN-7980-1
reference_type
scores
url	https://usn.ubuntu.com/7980-1/

fixed_packages

url	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.3.6-r0%3Farch=x86_64&distroversion=v3.20&reponame=main

aliases CVE-2025-15467

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d4rs-rag3-cfcy

url VCID-g8at-dasq-h3fb

vulnerability_id VCID-g8at-dasq-h3fb

summary openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66199.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66199.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-66199

reference_id

reference_type

scores

value	0.00064
scoring_system	epss
scoring_elements	0.20166
published_at	2026-04-04T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20107
published_at	2026-04-02T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.2071
published_at	2026-04-13T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.20649
published_at	2026-04-07T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.20726
published_at	2026-04-08T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.20786
published_at	2026-04-09T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.20804
published_at	2026-04-11T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.20762
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-66199

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://openssl-library.org/news/secadv/20260127.txt

reference_id

20260127.txt

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:03:12Z/

url

https://openssl-library.org/news/secadv/20260127.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2430379
reference_id	2430379
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2430379

reference_url

https://github.com/openssl/openssl/commit/3ed1f75249932b155eef993a8e66a99cb98bfef4

reference_id

3ed1f75249932b155eef993a8e66a99cb98bfef4

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:03:12Z/

url

https://github.com/openssl/openssl/commit/3ed1f75249932b155eef993a8e66a99cb98bfef4

reference_url

https://github.com/openssl/openssl/commit/6184a4fb08ee6d7bca570d931a4e8bef40b64451

reference_id

6184a4fb08ee6d7bca570d931a4e8bef40b64451

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:03:12Z/

url

https://github.com/openssl/openssl/commit/6184a4fb08ee6d7bca570d931a4e8bef40b64451

reference_url

https://github.com/openssl/openssl/commit/895150b5e021d16b52fb32b97e1dd12f20448be5

reference_id

895150b5e021d16b52fb32b97e1dd12f20448be5

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:03:12Z/

url

https://github.com/openssl/openssl/commit/895150b5e021d16b52fb32b97e1dd12f20448be5

reference_url

https://github.com/openssl/openssl/commit/966a2478046c311ed7dae50c457d0db4cafbf7e4

reference_id

966a2478046c311ed7dae50c457d0db4cafbf7e4

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:03:12Z/

url

https://github.com/openssl/openssl/commit/966a2478046c311ed7dae50c457d0db4cafbf7e4

reference_url	https://access.redhat.com/errata/RHSA-2026:1472
reference_id	RHSA-2026:1472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1472

reference_url	https://access.redhat.com/errata/RHSA-2026:1473
reference_id	RHSA-2026:1473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1473

reference_url	https://access.redhat.com/errata/RHSA-2026:1736
reference_id	RHSA-2026:1736
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1736

reference_url	https://access.redhat.com/errata/RHSA-2026:2485
reference_id	RHSA-2026:2485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2485

reference_url	https://access.redhat.com/errata/RHSA-2026:2563
reference_id	RHSA-2026:2563
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2563

reference_url	https://access.redhat.com/errata/RHSA-2026:3228
reference_id	RHSA-2026:3228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3228

reference_url	https://access.redhat.com/errata/RHSA-2026:4943
reference_id	RHSA-2026:4943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4943

reference_url	https://usn.ubuntu.com/7980-1/
reference_id	USN-7980-1
reference_type
scores
url	https://usn.ubuntu.com/7980-1/

fixed_packages

url	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.3.6-r0%3Farch=x86_64&distroversion=v3.20&reponame=main

aliases CVE-2025-66199

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g8at-dasq-h3fb

url VCID-p7ca-uc7n-mfc4

vulnerability_id VCID-p7ca-uc7n-mfc4

summary openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69418.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69418.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-69418

reference_id

reference_type

scores

value	7e-05
scoring_system	epss
scoring_elements	0.0063
published_at	2026-04-04T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00638
published_at	2026-04-02T12:55:00Z

value	8e-05
scoring_system	epss
scoring_elements	0.00678
published_at	2026-04-13T12:55:00Z

value	8e-05
scoring_system	epss
scoring_elements	0.00693
published_at	2026-04-08T12:55:00Z

value	8e-05
scoring_system	epss
scoring_elements	0.00685
published_at	2026-04-09T12:55:00Z

value	8e-05
scoring_system	epss
scoring_elements	0.00686
published_at	2026-04-11T12:55:00Z

value	8e-05
scoring_system	epss
scoring_elements	0.00679
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-69418

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://openssl-library.org/news/secadv/20260127.txt

reference_id

20260127.txt

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:06:43Z/

url

https://openssl-library.org/news/secadv/20260127.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2430381
reference_id	2430381
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2430381

reference_url

https://github.com/openssl/openssl/commit/372fc5c77529695b05b4f5b5187691a57ef5dffc

reference_id

372fc5c77529695b05b4f5b5187691a57ef5dffc

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:06:43Z/

url

https://github.com/openssl/openssl/commit/372fc5c77529695b05b4f5b5187691a57ef5dffc

reference_url

https://github.com/openssl/openssl/commit/4016975d4469cd6b94927c607f7c511385f928d8

reference_id

4016975d4469cd6b94927c607f7c511385f928d8

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:06:43Z/

url

https://github.com/openssl/openssl/commit/4016975d4469cd6b94927c607f7c511385f928d8

reference_url

https://github.com/openssl/openssl/commit/52d23c86a54adab5ee9f80e48b242b52c4cc2347

reference_id

52d23c86a54adab5ee9f80e48b242b52c4cc2347

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:06:43Z/

url

https://github.com/openssl/openssl/commit/52d23c86a54adab5ee9f80e48b242b52c4cc2347

reference_url

https://github.com/openssl/openssl/commit/a7589230356d908c0eca4b969ec4f62106f4f5ae

reference_id

a7589230356d908c0eca4b969ec4f62106f4f5ae

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:06:43Z/

url

https://github.com/openssl/openssl/commit/a7589230356d908c0eca4b969ec4f62106f4f5ae

reference_url

https://github.com/openssl/openssl/commit/ed40856d7d4ba6cb42779b6770666a65f19cb977

reference_id

ed40856d7d4ba6cb42779b6770666a65f19cb977

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:06:43Z/

url

https://github.com/openssl/openssl/commit/ed40856d7d4ba6cb42779b6770666a65f19cb977

reference_url	https://access.redhat.com/errata/RHSA-2026:1472
reference_id	RHSA-2026:1472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1472

reference_url	https://access.redhat.com/errata/RHSA-2026:1473
reference_id	RHSA-2026:1473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1473

reference_url	https://access.redhat.com/errata/RHSA-2026:1736
reference_id	RHSA-2026:1736
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1736

reference_url	https://access.redhat.com/errata/RHSA-2026:2485
reference_id	RHSA-2026:2485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2485

reference_url	https://access.redhat.com/errata/RHSA-2026:2563
reference_id	RHSA-2026:2563
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2563

reference_url	https://access.redhat.com/errata/RHSA-2026:3228
reference_id	RHSA-2026:3228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3228

reference_url	https://access.redhat.com/errata/RHSA-2026:4943
reference_id	RHSA-2026:4943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4943

reference_url	https://usn.ubuntu.com/7980-1/
reference_id	USN-7980-1
reference_type
scores
url	https://usn.ubuntu.com/7980-1/

reference_url	https://usn.ubuntu.com/7980-2/
reference_id	USN-7980-2
reference_type
scores
url	https://usn.ubuntu.com/7980-2/

fixed_packages

url	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.3.6-r0%3Farch=x86_64&distroversion=v3.20&reponame=main

aliases CVE-2025-69418

risk_score 1.8

exploitability 0.5

weighted_severity 3.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p7ca-uc7n-mfc4

url VCID-rgue-at15-k7a2

vulnerability_id VCID-rgue-at15-k7a2

summary openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22795.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22795.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-22795

reference_id

reference_type

scores

value	0.00021
scoring_system	epss
scoring_elements	0.05603
published_at	2026-04-13T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05582
published_at	2026-04-07T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.0562
published_at	2026-04-08T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05645
published_at	2026-04-09T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05618
published_at	2026-04-11T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05609
published_at	2026-04-12T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06481
published_at	2026-04-02T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06509
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-22795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://openssl-library.org/news/secadv/20260127.txt

reference_id

20260127.txt

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T20:03:18Z/

url

https://openssl-library.org/news/secadv/20260127.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2430389
reference_id	2430389
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2430389

reference_url

https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4

reference_id

2502e7b7d4c0cf4f972a881641fe09edc67aeec4

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T20:03:18Z/

url

https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4

reference_url

https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49

reference_id

572844beca95068394c916626a6d3a490f831a49

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T20:03:18Z/

url

https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49

reference_url

https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12

reference_id

7bbca05be55b129651d9df4bdb92becc45002c12

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T20:03:18Z/

url

https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12

reference_url

https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e

reference_id

eeee3cbd4d682095ed431052f00403004596373e

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T20:03:18Z/

url

https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e

reference_url

https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2

reference_id

ef2fb66ec571564d64d1c74a12e388a2a54d05d2

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T20:03:18Z/

url

https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2

reference_url	https://access.redhat.com/errata/RHSA-2026:1472
reference_id	RHSA-2026:1472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1472

reference_url	https://access.redhat.com/errata/RHSA-2026:1473
reference_id	RHSA-2026:1473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1473

reference_url	https://access.redhat.com/errata/RHSA-2026:1736
reference_id	RHSA-2026:1736
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1736

reference_url	https://access.redhat.com/errata/RHSA-2026:2485
reference_id	RHSA-2026:2485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2485

reference_url	https://access.redhat.com/errata/RHSA-2026:2563
reference_id	RHSA-2026:2563
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2563

reference_url	https://access.redhat.com/errata/RHSA-2026:3228
reference_id	RHSA-2026:3228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3228

reference_url	https://access.redhat.com/errata/RHSA-2026:4943
reference_id	RHSA-2026:4943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4943

reference_url	https://usn.ubuntu.com/7980-1/
reference_id	USN-7980-1
reference_type
scores
url	https://usn.ubuntu.com/7980-1/

reference_url	https://usn.ubuntu.com/7980-2/
reference_id	USN-7980-2
reference_type
scores
url	https://usn.ubuntu.com/7980-2/

fixed_packages

url	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.3.6-r0%3Farch=x86_64&distroversion=v3.20&reponame=main

aliases CVE-2026-22795

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rgue-at15-k7a2

url VCID-w9yg-3dbq-8qge

vulnerability_id VCID-w9yg-3dbq-8qge

summary openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69421.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69421.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-69421

reference_id

reference_type

scores

value	0.00034
scoring_system	epss
scoring_elements	0.10003
published_at	2026-04-04T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09955
published_at	2026-04-02T12:55:00Z

value	0.00036
scoring_system	epss
scoring_elements	0.10542
published_at	2026-04-13T12:55:00Z

value	0.00036
scoring_system	epss
scoring_elements	0.10428
published_at	2026-04-07T12:55:00Z

value	0.00036
scoring_system	epss
scoring_elements	0.10502
published_at	2026-04-08T12:55:00Z

value	0.00036
scoring_system	epss
scoring_elements	0.10569
published_at	2026-04-09T12:55:00Z

value	0.00036
scoring_system	epss
scoring_elements	0.10598
published_at	2026-04-11T12:55:00Z

value	0.00036
scoring_system	epss
scoring_elements	0.10566
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-69421

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://openssl-library.org/news/secadv/20260127.txt

reference_id

20260127.txt

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T15:17:58Z/

url

https://openssl-library.org/news/secadv/20260127.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2430387
reference_id	2430387
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2430387

reference_url

https://github.com/openssl/openssl/commit/3524a29271f8191b8fd8a5257eb05173982a097b

reference_id

3524a29271f8191b8fd8a5257eb05173982a097b

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T15:17:58Z/

url

https://github.com/openssl/openssl/commit/3524a29271f8191b8fd8a5257eb05173982a097b

reference_url

https://github.com/openssl/openssl/commit/36ecb4960872a4ce04bf6f1e1f4e78d75ec0c0c7

reference_id

36ecb4960872a4ce04bf6f1e1f4e78d75ec0c0c7

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T15:17:58Z/

url

https://github.com/openssl/openssl/commit/36ecb4960872a4ce04bf6f1e1f4e78d75ec0c0c7

reference_url

https://github.com/openssl/openssl/commit/4bbc8d41a72c842ce4077a8a3eccd1109aaf74bd

reference_id

4bbc8d41a72c842ce4077a8a3eccd1109aaf74bd

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T15:17:58Z/

url

https://github.com/openssl/openssl/commit/4bbc8d41a72c842ce4077a8a3eccd1109aaf74bd

reference_url

https://github.com/openssl/openssl/commit/643986985cd1c21221f941129d76fe0c2785aeb3

reference_id

643986985cd1c21221f941129d76fe0c2785aeb3

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T15:17:58Z/

url

https://github.com/openssl/openssl/commit/643986985cd1c21221f941129d76fe0c2785aeb3

reference_url

https://github.com/openssl/openssl/commit/a2dbc539f0f9cc63832709fa5aa33ad9495eb19c

reference_id

a2dbc539f0f9cc63832709fa5aa33ad9495eb19c

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T15:17:58Z/

url

https://github.com/openssl/openssl/commit/a2dbc539f0f9cc63832709fa5aa33ad9495eb19c

reference_url	https://access.redhat.com/errata/RHSA-2026:1472
reference_id	RHSA-2026:1472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1472

reference_url	https://access.redhat.com/errata/RHSA-2026:1473
reference_id	RHSA-2026:1473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1473

reference_url	https://access.redhat.com/errata/RHSA-2026:1736
reference_id	RHSA-2026:1736
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1736

reference_url	https://access.redhat.com/errata/RHSA-2026:2485
reference_id	RHSA-2026:2485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2485

reference_url	https://access.redhat.com/errata/RHSA-2026:2563
reference_id	RHSA-2026:2563
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2563

reference_url	https://access.redhat.com/errata/RHSA-2026:3228
reference_id	RHSA-2026:3228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3228

reference_url	https://access.redhat.com/errata/RHSA-2026:4943
reference_id	RHSA-2026:4943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4943

reference_url	https://usn.ubuntu.com/7980-1/
reference_id	USN-7980-1
reference_type
scores
url	https://usn.ubuntu.com/7980-1/

reference_url	https://usn.ubuntu.com/7980-2/
reference_id	USN-7980-2
reference_type
scores
url	https://usn.ubuntu.com/7980-2/

fixed_packages

url	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/openssl@3.3.6-r0?arch=x86_64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.3.6-r0%3Farch=x86_64&distroversion=v3.20&reponame=main

aliases CVE-2025-69421

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w9yg-3dbq-8qge

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.3.6-r0%3Farch=x86_64&distroversion=v3.20&reponame=main

Package Instance