Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:conan/openssl@3.0.7
Typeconan
Namespace
Nameopenssl
Version3.0.7
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.2.6
Latest_non_vulnerable_version3.2.6
Affected_by_vulnerabilities
0
url VCID-1ggt-ugh5-jqeu
vulnerability_id VCID-1ggt-ugh5-jqeu
summary 
NULL Pointer Dereference
An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in OpenSSL does not call this function however third party applications might call these functions on untrusted data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0216.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0216.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0216
reference_id
reference_type
scores
0
value 0.0102
scoring_system epss
scoring_elements 0.77263
published_at 2026-04-21T12:55:00Z
1
value 0.01123
scoring_system epss
scoring_elements 0.78296
published_at 2026-04-16T12:55:00Z
2
value 0.01123
scoring_system epss
scoring_elements 0.78265
published_at 2026-04-13T12:55:00Z
3
value 0.01123
scoring_system epss
scoring_elements 0.7827
published_at 2026-04-12T12:55:00Z
4
value 0.01123
scoring_system epss
scoring_elements 0.78262
published_at 2026-04-09T12:55:00Z
5
value 0.01123
scoring_system epss
scoring_elements 0.78256
published_at 2026-04-08T12:55:00Z
6
value 0.01123
scoring_system epss
scoring_elements 0.7823
published_at 2026-04-07T12:55:00Z
7
value 0.01123
scoring_system epss
scoring_elements 0.78248
published_at 2026-04-04T12:55:00Z
8
value 0.01123
scoring_system epss
scoring_elements 0.78217
published_at 2026-04-02T12:55:00Z
9
value 0.01123
scoring_system epss
scoring_elements 0.78287
published_at 2026-04-11T12:55:00Z
10
value 0.01123
scoring_system epss
scoring_elements 0.78293
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0216
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=934a04f0e775309cadbef0aa6b9692e1b12a76c6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:43Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=934a04f0e775309cadbef0aa6b9692e1b12a76c6
4
reference_url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003
5
reference_url https://rustsec.org/advisories/RUSTSEC-2023-0011.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://rustsec.org/advisories/RUSTSEC-2023-0011.html
6
reference_url https://security.gentoo.org/glsa/202402-08
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:43Z/
url https://security.gentoo.org/glsa/202402-08
7
reference_url https://www.openssl.org/news/secadv/20230207.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:43Z/
url https://www.openssl.org/news/secadv/20230207.txt
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2164497
reference_id 2164497
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2164497
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0216
reference_id CVE-2023-0216
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-0216
10
reference_url https://github.com/advisories/GHSA-29xx-hcv2-c4cp
reference_id GHSA-29xx-hcv2-c4cp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-29xx-hcv2-c4cp
11
reference_url https://access.redhat.com/errata/RHSA-2023:0946
reference_id RHSA-2023:0946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0946
12
reference_url https://access.redhat.com/errata/RHSA-2023:1199
reference_id RHSA-2023:1199
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1199
13
reference_url https://usn.ubuntu.com/5844-1/
reference_id USN-5844-1
reference_type
scores
url https://usn.ubuntu.com/5844-1/
fixed_packages
0
url pkg:conan/openssl@3.0.12
purl pkg:conan/openssl@3.0.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2by2-tzdd-kkc7
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openssl@3.0.12
aliases CVE-2023-0216, GHSA-29xx-hcv2-c4cp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1ggt-ugh5-jqeu
1
url VCID-8s28-acfa-kkhj
vulnerability_id VCID-8s28-acfa-kkhj
summary 
NULL Pointer Dereference
An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allow an attacker to cause a denial of service attack. The TLS implementation in OpenSSL does not call this function but applications might call the function if there are additional security requirements imposed by standards such as FIPS 140-3.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0217.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0217.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0217
reference_id
reference_type
scores
0
value 0.00557
scoring_system epss
scoring_elements 0.6821
published_at 2026-04-18T12:55:00Z
1
value 0.00557
scoring_system epss
scoring_elements 0.68199
published_at 2026-04-16T12:55:00Z
2
value 0.00557
scoring_system epss
scoring_elements 0.6816
published_at 2026-04-13T12:55:00Z
3
value 0.00557
scoring_system epss
scoring_elements 0.68193
published_at 2026-04-12T12:55:00Z
4
value 0.00557
scoring_system epss
scoring_elements 0.6812
published_at 2026-04-02T12:55:00Z
5
value 0.00557
scoring_system epss
scoring_elements 0.68182
published_at 2026-04-09T12:55:00Z
6
value 0.00557
scoring_system epss
scoring_elements 0.68167
published_at 2026-04-08T12:55:00Z
7
value 0.00557
scoring_system epss
scoring_elements 0.68115
published_at 2026-04-07T12:55:00Z
8
value 0.00557
scoring_system epss
scoring_elements 0.68138
published_at 2026-04-04T12:55:00Z
9
value 0.00557
scoring_system epss
scoring_elements 0.68207
published_at 2026-04-11T12:55:00Z
10
value 0.01029
scoring_system epss
scoring_elements 0.77335
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0217
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=23985bac83fd50c8e29431009302b5442f985096
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:50Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=23985bac83fd50c8e29431009302b5442f985096
4
reference_url https://rustsec.org/advisories/RUSTSEC-2023-0012.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://rustsec.org/advisories/RUSTSEC-2023-0012.html
5
reference_url https://security.gentoo.org/glsa/202402-08
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:50Z/
url https://security.gentoo.org/glsa/202402-08
6
reference_url https://www.openssl.org/news/secadv/20230207.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:50Z/
url https://www.openssl.org/news/secadv/20230207.txt
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2164499
reference_id 2164499
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2164499
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0217
reference_id CVE-2023-0217
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-0217
9
reference_url https://github.com/advisories/GHSA-vxrh-cpg7-8vjr
reference_id GHSA-vxrh-cpg7-8vjr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vxrh-cpg7-8vjr
10
reference_url https://access.redhat.com/errata/RHSA-2023:0946
reference_id RHSA-2023:0946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0946
11
reference_url https://access.redhat.com/errata/RHSA-2023:1199
reference_id RHSA-2023:1199
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1199
12
reference_url https://usn.ubuntu.com/5844-1/
reference_id USN-5844-1
reference_type
scores
url https://usn.ubuntu.com/5844-1/
fixed_packages
0
url pkg:conan/openssl@3.0.12
purl pkg:conan/openssl@3.0.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2by2-tzdd-kkc7
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openssl@3.0.12
aliases CVE-2023-0217, GHSA-vxrh-cpg7-8vjr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8s28-acfa-kkhj
2
url VCID-ncw4-3azc-1fb5
vulnerability_id VCID-ncw4-3azc-1fb5
summary 
Denial of service by double-checked locking in openssl-src
If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy processing being enabled on a publicly facing server is not considered to be a common setup. Policy processing is enabled by passing the `-policy' argument to the command line utilities or by calling either `X509_VERIFY_PARAM_add0_policy()' or `X509_VERIFY_PARAM_set1_policies()' functions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3996.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3996.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3996
reference_id
reference_type
scores
0
value 0.00172
scoring_system epss
scoring_elements 0.38559
published_at 2026-04-21T12:55:00Z
1
value 0.00172
scoring_system epss
scoring_elements 0.38661
published_at 2026-04-16T12:55:00Z
2
value 0.00172
scoring_system epss
scoring_elements 0.38614
published_at 2026-04-13T12:55:00Z
3
value 0.00172
scoring_system epss
scoring_elements 0.38639
published_at 2026-04-18T12:55:00Z
4
value 0.00172
scoring_system epss
scoring_elements 0.38677
published_at 2026-04-11T12:55:00Z
5
value 0.00172
scoring_system epss
scoring_elements 0.38667
published_at 2026-04-09T12:55:00Z
6
value 0.00172
scoring_system epss
scoring_elements 0.38657
published_at 2026-04-08T12:55:00Z
7
value 0.00172
scoring_system epss
scoring_elements 0.38606
published_at 2026-04-07T12:55:00Z
8
value 0.00172
scoring_system epss
scoring_elements 0.38675
published_at 2026-04-04T12:55:00Z
9
value 0.00172
scoring_system epss
scoring_elements 0.38651
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3996
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/alexcrichton/openssl-src-rs
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/alexcrichton/openssl-src-rs
4
reference_url https://github.com/openssl/openssl/commit/7725e7bfe6f2ce8146b6552b44e0d226be7638e7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-01T21:11:25Z/
url https://github.com/openssl/openssl/commit/7725e7bfe6f2ce8146b6552b44e0d226be7638e7
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-3996
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-3996
6
reference_url https://www.openssl.org/news/secadv/20221213.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-01T21:11:25Z/
url https://www.openssl.org/news/secadv/20221213.txt
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027102
reference_id 1027102
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027102
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2153239
reference_id 2153239
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2153239
9
reference_url https://github.com/advisories/GHSA-vr8j-hgmm-jh9r
reference_id GHSA-vr8j-hgmm-jh9r
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vr8j-hgmm-jh9r
10
reference_url https://usn.ubuntu.com/6039-1/
reference_id USN-6039-1
reference_type
scores
url https://usn.ubuntu.com/6039-1/
fixed_packages
0
url pkg:conan/openssl@3.0.8
purl pkg:conan/openssl@3.0.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openssl@3.0.8
aliases CVE-2022-3996, GHSA-vr8j-hgmm-jh9r
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ncw4-3azc-1fb5
3
url VCID-xqt3-3um9-8faq
vulnerability_id VCID-xqt3-3um9-8faq
summary 
NULL Pointer Dereference
A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail. There is a missing check for the return value from the initialization function which later leads to invalid usage of the digest API most likely leading to a crash. The unavailability of an algorithm can be caused by using FIPS enabled configuration of providers or more commonly by not loading the legacy provider. PKCS7 data is processed by the SMIME library calls and also by the time stamp (TS) library calls. The TLS implementation in OpenSSL does not call these functions however third party applications would be affected if they call these functions to verify signatures on untrusted data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0401.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0401.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0401
reference_id
reference_type
scores
0
value 0.00825
scoring_system epss
scoring_elements 0.74493
published_at 2026-04-21T12:55:00Z
1
value 0.01007
scoring_system epss
scoring_elements 0.77098
published_at 2026-04-18T12:55:00Z
2
value 0.01007
scoring_system epss
scoring_elements 0.77096
published_at 2026-04-16T12:55:00Z
3
value 0.01007
scoring_system epss
scoring_elements 0.77056
published_at 2026-04-13T12:55:00Z
4
value 0.01007
scoring_system epss
scoring_elements 0.77061
published_at 2026-04-12T12:55:00Z
5
value 0.01007
scoring_system epss
scoring_elements 0.77081
published_at 2026-04-11T12:55:00Z
6
value 0.01007
scoring_system epss
scoring_elements 0.77053
published_at 2026-04-09T12:55:00Z
7
value 0.01007
scoring_system epss
scoring_elements 0.77042
published_at 2026-04-08T12:55:00Z
8
value 0.01007
scoring_system epss
scoring_elements 0.7701
published_at 2026-04-07T12:55:00Z
9
value 0.01007
scoring_system epss
scoring_elements 0.77029
published_at 2026-04-04T12:55:00Z
10
value 0.01007
scoring_system epss
scoring_elements 0.77
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0401
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/alexcrichton/openssl-src-rs
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/alexcrichton/openssl-src-rs
4
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d3b6dfd70db844c4499bec6ad6601623a565e674
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:52Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d3b6dfd70db844c4499bec6ad6601623a565e674
5
reference_url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003
6
reference_url https://rustsec.org/advisories/RUSTSEC-2023-0013.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://rustsec.org/advisories/RUSTSEC-2023-0013.html
7
reference_url https://security.gentoo.org/glsa/202402-08
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:52Z/
url https://security.gentoo.org/glsa/202402-08
8
reference_url https://www.openssl.org/news/secadv/20230207.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:52Z/
url https://www.openssl.org/news/secadv/20230207.txt
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2164500
reference_id 2164500
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2164500
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0401
reference_id CVE-2023-0401
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-0401
11
reference_url https://github.com/advisories/GHSA-vrh7-x64v-7vxq
reference_id GHSA-vrh7-x64v-7vxq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vrh7-x64v-7vxq
12
reference_url https://access.redhat.com/errata/RHSA-2023:0946
reference_id RHSA-2023:0946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0946
13
reference_url https://access.redhat.com/errata/RHSA-2023:1199
reference_id RHSA-2023:1199
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1199
14
reference_url https://usn.ubuntu.com/5844-1/
reference_id USN-5844-1
reference_type
scores
url https://usn.ubuntu.com/5844-1/
15
reference_url https://usn.ubuntu.com/6564-1/
reference_id USN-6564-1
reference_type
scores
url https://usn.ubuntu.com/6564-1/
fixed_packages
0
url pkg:conan/openssl@3.0.12
purl pkg:conan/openssl@3.0.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2by2-tzdd-kkc7
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openssl@3.0.12
aliases CVE-2023-0401, GHSA-vrh7-x64v-7vxq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xqt3-3um9-8faq
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:conan/openssl@3.0.7