Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/nettle@3.2-1?distro=trixie

Type deb

Namespace debian

Name nettle

Version 3.2-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 3.3-1

Latest_non_vulnerable_version 3.10.2-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-4faz-8fkq-1yey

vulnerability_id VCID-4faz-8fkq-1yey

summary nettle: secp256 calculation bug

references

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176807.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176807.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177229.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177229.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177473.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177473.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00100.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00100.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2582.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2582.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8803.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8803.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8803

reference_id

reference_type

scores

value	0.12343
scoring_system	epss
scoring_elements	0.93904
published_at	2026-04-21T12:55:00Z

value	0.12343
scoring_system	epss
scoring_elements	0.93897
published_at	2026-04-16T12:55:00Z

value	0.12343
scoring_system	epss
scoring_elements	0.93903
published_at	2026-04-18T12:55:00Z

value	0.12343
scoring_system	epss
scoring_elements	0.93838
published_at	2026-04-01T12:55:00Z

value	0.12343
scoring_system	epss
scoring_elements	0.93847
published_at	2026-04-02T12:55:00Z

value	0.12343
scoring_system	epss
scoring_elements	0.93856
published_at	2026-04-04T12:55:00Z

value	0.12343
scoring_system	epss
scoring_elements	0.93859
published_at	2026-04-07T12:55:00Z

value	0.12343
scoring_system	epss
scoring_elements	0.93867
published_at	2026-04-08T12:55:00Z

value	0.12343
scoring_system	epss
scoring_elements	0.93871
published_at	2026-04-09T12:55:00Z

value	0.12343
scoring_system	epss
scoring_elements	0.93876
published_at	2026-04-13T12:55:00Z

value	0.12343
scoring_system	epss
scoring_elements	0.93877
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8803

reference_url	https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html
reference_id
reference_type
scores
url	https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8803

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d
reference_id
reference_type
scores
url	https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d

reference_url	https://lists.gnu.org/archive/html/info-gnu/2016-01/msg00006.html
reference_id
reference_type
scores
url	https://lists.gnu.org/archive/html/info-gnu/2016-01/msg00006.html

reference_url	https://lists.lysator.liu.se/pipermail/nettle-bugs/2015/003028.html
reference_id
reference_type
scores
url	https://lists.lysator.liu.se/pipermail/nettle-bugs/2015/003028.html

reference_url	http://www.openwall.com/lists/oss-security/2016/02/02/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/02/02/2

reference_url	http://www.openwall.com/lists/oss-security/2016/02/03/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/02/03/1

reference_url	http://www.ubuntu.com/usn/USN-2897-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2897-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1304303
reference_id	1304303
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1304303

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813679
reference_id	813679
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813679

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nettle_project:nettle::::::::
reference_id	cpe:2.3:a:nettle_project:nettle::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nettle_project:nettle::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-8803

reference_id

CVE-2015-8803

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-8803

reference_url	https://access.redhat.com/errata/RHSA-2016:2582
reference_id	RHSA-2016:2582
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2582

reference_url	https://usn.ubuntu.com/2897-1/
reference_id	USN-2897-1
reference_type
scores
url	https://usn.ubuntu.com/2897-1/

fixed_packages

url	pkg:deb/debian/nettle@3.2-1?distro=trixie
purl	pkg:deb/debian/nettle@3.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nettle@3.2-1%3Fdistro=trixie

url	pkg:deb/debian/nettle@3.7.3-1?distro=trixie
purl	pkg:deb/debian/nettle@3.7.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nettle@3.7.3-1%3Fdistro=trixie

url	pkg:deb/debian/nettle@3.8.1-2?distro=trixie
purl	pkg:deb/debian/nettle@3.8.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nettle@3.8.1-2%3Fdistro=trixie

url	pkg:deb/debian/nettle@3.10.1-1?distro=trixie
purl	pkg:deb/debian/nettle@3.10.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nettle@3.10.1-1%3Fdistro=trixie

url	pkg:deb/debian/nettle@3.10.2-1?distro=trixie
purl	pkg:deb/debian/nettle@3.10.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nettle@3.10.2-1%3Fdistro=trixie

aliases CVE-2015-8803

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4faz-8fkq-1yey

url VCID-ka7g-uw8s-7fdv

vulnerability_id VCID-ka7g-uw8s-7fdv

summary nettle: secp256 calculation bug

references

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00100.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00100.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2582.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2582.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8805.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8805.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8805

reference_id

reference_type

scores

value	0.01196
scoring_system	epss
scoring_elements	0.78906
published_at	2026-04-21T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78911
published_at	2026-04-16T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78835
published_at	2026-04-01T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78842
published_at	2026-04-02T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.7887
published_at	2026-04-04T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78853
published_at	2026-04-07T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78878
published_at	2026-04-08T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78884
published_at	2026-04-09T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78908
published_at	2026-04-18T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78892
published_at	2026-04-12T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78882
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8805

reference_url	https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html
reference_id
reference_type
scores
url	https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8805

reference_url	https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d
reference_id
reference_type
scores
url	https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d

reference_url	http://www.openwall.com/lists/oss-security/2016/02/02/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/02/02/2

reference_url	http://www.openwall.com/lists/oss-security/2016/02/03/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/02/03/1

reference_url	http://www.securityfocus.com/bid/84272
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84272

reference_url	http://www.ubuntu.com/usn/USN-2897-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2897-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1304382
reference_id	1304382
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1304382

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813679
reference_id	813679
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813679

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nettle_project:nettle::::::::
reference_id	cpe:2.3:a:nettle_project:nettle::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nettle_project:nettle::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-8805

reference_id

CVE-2015-8805

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-8805

reference_url	https://access.redhat.com/errata/RHSA-2016:2582
reference_id	RHSA-2016:2582
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2582

reference_url	https://usn.ubuntu.com/2897-1/
reference_id	USN-2897-1
reference_type
scores
url	https://usn.ubuntu.com/2897-1/

fixed_packages

url	pkg:deb/debian/nettle@3.2-1?distro=trixie
purl	pkg:deb/debian/nettle@3.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nettle@3.2-1%3Fdistro=trixie

url	pkg:deb/debian/nettle@3.7.3-1?distro=trixie
purl	pkg:deb/debian/nettle@3.7.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nettle@3.7.3-1%3Fdistro=trixie

url	pkg:deb/debian/nettle@3.8.1-2?distro=trixie
purl	pkg:deb/debian/nettle@3.8.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nettle@3.8.1-2%3Fdistro=trixie

url	pkg:deb/debian/nettle@3.10.1-1?distro=trixie
purl	pkg:deb/debian/nettle@3.10.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nettle@3.10.1-1%3Fdistro=trixie

url	pkg:deb/debian/nettle@3.10.2-1?distro=trixie
purl	pkg:deb/debian/nettle@3.10.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nettle@3.10.2-1%3Fdistro=trixie

aliases CVE-2015-8805

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ka7g-uw8s-7fdv

url VCID-py38-zkxu-u3ey

vulnerability_id VCID-py38-zkxu-u3ey

summary nettle: miscalculations on secp384 curve

references

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00100.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00100.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2582.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2582.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8804.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8804.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8804

reference_id

reference_type

scores

value	0.11875
scoring_system	epss
scoring_elements	0.93761
published_at	2026-04-21T12:55:00Z

value	0.11875
scoring_system	epss
scoring_elements	0.93758
published_at	2026-04-18T12:55:00Z

value	0.11875
scoring_system	epss
scoring_elements	0.93696
published_at	2026-04-01T12:55:00Z

value	0.11875
scoring_system	epss
scoring_elements	0.93705
published_at	2026-04-02T12:55:00Z

value	0.11875
scoring_system	epss
scoring_elements	0.93716
published_at	2026-04-04T12:55:00Z

value	0.11875
scoring_system	epss
scoring_elements	0.93719
published_at	2026-04-07T12:55:00Z

value	0.11875
scoring_system	epss
scoring_elements	0.93727
published_at	2026-04-08T12:55:00Z

value	0.11875
scoring_system	epss
scoring_elements	0.93729
published_at	2026-04-09T12:55:00Z

value	0.11875
scoring_system	epss
scoring_elements	0.93734
published_at	2026-04-13T12:55:00Z

value	0.11875
scoring_system	epss
scoring_elements	0.93733
published_at	2026-04-12T12:55:00Z

value	0.11875
scoring_system	epss
scoring_elements	0.93751
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8804

reference_url	https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html
reference_id
reference_type
scores
url	https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8804

reference_url	https://git.lysator.liu.se/nettle/nettle/commit/fa269b6ad06dd13c901dbd84a12e52b918a09cd7
reference_id
reference_type
scores
url	https://git.lysator.liu.se/nettle/nettle/commit/fa269b6ad06dd13c901dbd84a12e52b918a09cd7

reference_url	https://lists.gnu.org/archive/html/info-gnu/2016-01/msg00006.html
reference_id
reference_type
scores
url	https://lists.gnu.org/archive/html/info-gnu/2016-01/msg00006.html

reference_url	https://lists.lysator.liu.se/pipermail/nettle-bugs/2015/003024.html
reference_id
reference_type
scores
url	https://lists.lysator.liu.se/pipermail/nettle-bugs/2015/003024.html

reference_url	http://www.openwall.com/lists/oss-security/2016/02/02/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/02/02/2

reference_url	http://www.openwall.com/lists/oss-security/2016/02/03/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/02/03/1

reference_url	http://www.ubuntu.com/usn/USN-2897-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2897-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1304379
reference_id	1304379
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1304379

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813679
reference_id	813679
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813679

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nettle_project:nettle::::::::
reference_id	cpe:2.3:a:nettle_project:nettle::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nettle_project:nettle::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-8804

reference_id

CVE-2015-8804

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-8804

reference_url	https://access.redhat.com/errata/RHSA-2016:2582
reference_id	RHSA-2016:2582
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2582

reference_url	https://usn.ubuntu.com/2897-1/
reference_id	USN-2897-1
reference_type
scores
url	https://usn.ubuntu.com/2897-1/

fixed_packages

url	pkg:deb/debian/nettle@3.2-1?distro=trixie
purl	pkg:deb/debian/nettle@3.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nettle@3.2-1%3Fdistro=trixie

url	pkg:deb/debian/nettle@3.7.3-1?distro=trixie
purl	pkg:deb/debian/nettle@3.7.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nettle@3.7.3-1%3Fdistro=trixie

url	pkg:deb/debian/nettle@3.8.1-2?distro=trixie
purl	pkg:deb/debian/nettle@3.8.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nettle@3.8.1-2%3Fdistro=trixie

url	pkg:deb/debian/nettle@3.10.1-1?distro=trixie
purl	pkg:deb/debian/nettle@3.10.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nettle@3.10.1-1%3Fdistro=trixie

url	pkg:deb/debian/nettle@3.10.2-1?distro=trixie
purl	pkg:deb/debian/nettle@3.10.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nettle@3.10.2-1%3Fdistro=trixie

aliases CVE-2015-8804

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-py38-zkxu-u3ey

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nettle@3.2-1%3Fdistro=trixie

Package Instance