Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/openssl@1.1.1k-1%2Bdeb11u2?distro=trixie
Typedeb
Namespacedebian
Nameopenssl
Version1.1.1k-1+deb11u2
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.1.1l-1
Latest_non_vulnerable_version3.6.2-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-gsbn-6t86-7kf9
vulnerability_id VCID-gsbn-6t86-7kf9
summary 
Loop with Unreachable Exit Condition ('Infinite Loop')
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters
references
0
reference_url http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-0778
reference_id
reference_type
scores
0
value 0.06432
scoring_system epss
scoring_elements 0.91023
published_at 2026-04-04T12:55:00Z
1
value 0.07109
scoring_system epss
scoring_elements 0.91526
published_at 2026-04-08T12:55:00Z
2
value 0.07109
scoring_system epss
scoring_elements 0.91513
published_at 2026-04-07T12:55:00Z
3
value 0.07109
scoring_system epss
scoring_elements 0.91532
published_at 2026-04-09T12:55:00Z
4
value 0.07128
scoring_system epss
scoring_elements 0.91562
published_at 2026-04-21T12:55:00Z
5
value 0.07128
scoring_system epss
scoring_elements 0.91567
published_at 2026-04-16T12:55:00Z
6
value 0.07394
scoring_system epss
scoring_elements 0.91693
published_at 2026-04-01T12:55:00Z
7
value 0.07394
scoring_system epss
scoring_elements 0.91701
published_at 2026-04-02T12:55:00Z
8
value 0.07807
scoring_system epss
scoring_elements 0.91978
published_at 2026-04-13T12:55:00Z
9
value 0.08117
scoring_system epss
scoring_elements 0.92166
published_at 2026-04-12T12:55:00Z
10
value 0.08117
scoring_system epss
scoring_elements 0.92165
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-0778
3
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4160
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4160
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
6
reference_url http://seclists.org/fulldisclosure/2022/May/33
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2022/May/33
7
reference_url http://seclists.org/fulldisclosure/2022/May/35
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2022/May/35
8
reference_url http://seclists.org/fulldisclosure/2022/May/38
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2022/May/38
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3118eb64934499d93db3230748a452351d1d9a65
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3118eb64934499d93db3230748a452351d1d9a65
11
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=380085481c64de749a6dd25cdf0bcf4360b30f83
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=380085481c64de749a6dd25cdf0bcf4360b30f83
12
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a466912611aa6cbdf550cd10601390e587451246
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a466912611aa6cbdf550cd10601390e587451246
13
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
14
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
15
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
16
reference_url https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
17
reference_url https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG
24
reference_url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
25
reference_url https://rustsec.org/advisories/RUSTSEC-2022-0014.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://rustsec.org/advisories/RUSTSEC-2022-0014.html
26
reference_url https://security.netapp.com/advisory/ntap-20220321-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220321-0002
27
reference_url https://security.netapp.com/advisory/ntap-20220321-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220321-0002/
28
reference_url https://security.netapp.com/advisory/ntap-20220429-0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220429-0005
29
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
30
reference_url https://support.apple.com/kb/HT213255
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/kb/HT213255
31
reference_url https://support.apple.com/kb/HT213256
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/kb/HT213256
32
reference_url https://support.apple.com/kb/HT213257
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/kb/HT213257
33
reference_url https://www.debian.org/security/2022/dsa-5103
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5103
34
reference_url https://www.openssl.org/news/secadv/20220315.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.openssl.org/news/secadv/20220315.txt
35
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
36
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
37
reference_url https://www.tenable.com/security/tns-2022-06
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2022-06
38
reference_url https://www.tenable.com/security/tns-2022-07
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2022-07
39
reference_url https://www.tenable.com/security/tns-2022-08
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2022-08
40
reference_url https://www.tenable.com/security/tns-2022-09
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2022-09
41
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2062202
reference_id 2062202
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2062202
42
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-0778
reference_id CVE-2022-0778
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-0778
43
reference_url https://github.com/advisories/GHSA-x3mh-jvjw-3xwx
reference_id GHSA-x3mh-jvjw-3xwx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x3mh-jvjw-3xwx
44
reference_url https://security.gentoo.org/glsa/202210-02
reference_id GLSA-202210-02
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202210-02
45
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
46
reference_url https://access.redhat.com/errata/RHSA-2022:1065
reference_id RHSA-2022:1065
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1065
47
reference_url https://access.redhat.com/errata/RHSA-2022:1066
reference_id RHSA-2022:1066
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1066
48
reference_url https://access.redhat.com/errata/RHSA-2022:1071
reference_id RHSA-2022:1071
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1071
49
reference_url https://access.redhat.com/errata/RHSA-2022:1073
reference_id RHSA-2022:1073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1073
50
reference_url https://access.redhat.com/errata/RHSA-2022:1076
reference_id RHSA-2022:1076
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1076
51
reference_url https://access.redhat.com/errata/RHSA-2022:1077
reference_id RHSA-2022:1077
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1077
52
reference_url https://access.redhat.com/errata/RHSA-2022:1078
reference_id RHSA-2022:1078
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1078
53
reference_url https://access.redhat.com/errata/RHSA-2022:1082
reference_id RHSA-2022:1082
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1082
54
reference_url https://access.redhat.com/errata/RHSA-2022:1091
reference_id RHSA-2022:1091
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1091
55
reference_url https://access.redhat.com/errata/RHSA-2022:1112
reference_id RHSA-2022:1112
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1112
56
reference_url https://access.redhat.com/errata/RHSA-2022:1263
reference_id RHSA-2022:1263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1263
57
reference_url https://access.redhat.com/errata/RHSA-2022:1389
reference_id RHSA-2022:1389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1389
58
reference_url https://access.redhat.com/errata/RHSA-2022:1390
reference_id RHSA-2022:1390
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1390
59
reference_url https://access.redhat.com/errata/RHSA-2022:1519
reference_id RHSA-2022:1519
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1519
60
reference_url https://access.redhat.com/errata/RHSA-2022:1520
reference_id RHSA-2022:1520
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1520
61
reference_url https://access.redhat.com/errata/RHSA-2022:4896
reference_id RHSA-2022:4896
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4896
62
reference_url https://access.redhat.com/errata/RHSA-2022:4899
reference_id RHSA-2022:4899
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4899
63
reference_url https://access.redhat.com/errata/RHSA-2022:5326
reference_id RHSA-2022:5326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5326
64
reference_url https://usn.ubuntu.com/5328-1/
reference_id USN-5328-1
reference_type
scores
url https://usn.ubuntu.com/5328-1/
65
reference_url https://usn.ubuntu.com/5328-2/
reference_id USN-5328-2
reference_type
scores
url https://usn.ubuntu.com/5328-2/
66
reference_url https://usn.ubuntu.com/6457-1/
reference_id USN-6457-1
reference_type
scores
url https://usn.ubuntu.com/6457-1/
67
reference_url https://usn.ubuntu.com/7894-1/
reference_id USN-7894-1
reference_type
scores
url https://usn.ubuntu.com/7894-1/
fixed_packages
0
url pkg:deb/debian/openssl@1.1.1k-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/openssl@1.1.1k-1%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1k-1%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/openssl@1.1.1n-1?distro=trixie
purl pkg:deb/debian/openssl@1.1.1n-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-1%3Fdistro=trixie
2
url pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-87vs-4p6w-xbgq
1
vulnerability VCID-8gde-1md7-5yak
2
vulnerability VCID-cef8-2p5t-bff7
3
vulnerability VCID-f2na-rtsu-ffad
4
vulnerability VCID-hgvf-vxhr-cye8
5
vulnerability VCID-wuwm-ksb1-6qd5
6
vulnerability VCID-zkc9-huk8-27bc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie
3
url pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie
purl pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8gde-1md7-5yak
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie
4
url pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie
purl pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7f9q-mhsr-8bfq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie
5
url pkg:deb/debian/openssl@3.6.1-3?distro=trixie
purl pkg:deb/debian/openssl@3.6.1-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-74wu-sup9-cybb
1
vulnerability VCID-7f9q-mhsr-8bfq
2
vulnerability VCID-87vs-4p6w-xbgq
3
vulnerability VCID-cef8-2p5t-bff7
4
vulnerability VCID-f2na-rtsu-ffad
5
vulnerability VCID-hgvf-vxhr-cye8
6
vulnerability VCID-wuwm-ksb1-6qd5
7
vulnerability VCID-zkc9-huk8-27bc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie
6
url pkg:deb/debian/openssl@3.6.2-1?distro=trixie
purl pkg:deb/debian/openssl@3.6.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie
aliases CVE-2022-0778, GHSA-x3mh-jvjw-3xwx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gsbn-6t86-7kf9
1
url VCID-myuq-u3as-g3ah
vulnerability_id VCID-myuq-u3as-g3ah
summary 
Carry Propagation bug
There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4160.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4160.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-4160
reference_id
reference_type
scores
0
value 0.00299
scoring_system epss
scoring_elements 0.53163
published_at 2026-04-01T12:55:00Z
1
value 0.00299
scoring_system epss
scoring_elements 0.53188
published_at 2026-04-02T12:55:00Z
2
value 0.00299
scoring_system epss
scoring_elements 0.53291
published_at 2026-04-18T12:55:00Z
3
value 0.00299
scoring_system epss
scoring_elements 0.53284
published_at 2026-04-16T12:55:00Z
4
value 0.00299
scoring_system epss
scoring_elements 0.53247
published_at 2026-04-13T12:55:00Z
5
value 0.00299
scoring_system epss
scoring_elements 0.53264
published_at 2026-04-12T12:55:00Z
6
value 0.00299
scoring_system epss
scoring_elements 0.53278
published_at 2026-04-11T12:55:00Z
7
value 0.00299
scoring_system epss
scoring_elements 0.53227
published_at 2026-04-09T12:55:00Z
8
value 0.00299
scoring_system epss
scoring_elements 0.53233
published_at 2026-04-08T12:55:00Z
9
value 0.00299
scoring_system epss
scoring_elements 0.53212
published_at 2026-04-04T12:55:00Z
10
value 0.00299
scoring_system epss
scoring_elements 0.5318
published_at 2026-04-07T12:55:00Z
11
value 0.00417
scoring_system epss
scoring_elements 0.61799
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-4160
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4160
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4160
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f
reference_id
reference_type
scores
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f
6
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7
reference_id
reference_type
scores
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7
7
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb
reference_id
reference_type
scores
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb
8
reference_url https://www.openssl.org/news/secadv/20220128.txt
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:29:13Z/
url https://www.openssl.org/news/secadv/20220128.txt
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2048651
reference_id 2048651
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2048651
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-4160
reference_id CVE-2021-4160
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-4160
11
reference_url https://security.gentoo.org/glsa/202210-02
reference_id GLSA-202210-02
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:29:13Z/
url https://security.gentoo.org/glsa/202210-02
12
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3bf7b73ea7123045b8f972badc67ed6878e6c37f
reference_id ?p=openssl.git%3Ba=commitdiff%3Bh=3bf7b73ea7123045b8f972badc67ed6878e6c37f
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:29:13Z/
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3bf7b73ea7123045b8f972badc67ed6878e6c37f
13
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6fc1aaaf303185aa5e483e06bdfae16daa9193a7
reference_id ?p=openssl.git%3Ba=commitdiff%3Bh=6fc1aaaf303185aa5e483e06bdfae16daa9193a7
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:29:13Z/
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6fc1aaaf303185aa5e483e06bdfae16daa9193a7
14
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb
reference_id ?p=openssl.git%3Ba=commitdiff%3Bh=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:29:13Z/
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb
fixed_packages
0
url pkg:deb/debian/openssl@1.1.1k-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/openssl@1.1.1k-1%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1k-1%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/openssl@1.1.1m-1?distro=trixie
purl pkg:deb/debian/openssl@1.1.1m-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1m-1%3Fdistro=trixie
2
url pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-87vs-4p6w-xbgq
1
vulnerability VCID-8gde-1md7-5yak
2
vulnerability VCID-cef8-2p5t-bff7
3
vulnerability VCID-f2na-rtsu-ffad
4
vulnerability VCID-hgvf-vxhr-cye8
5
vulnerability VCID-wuwm-ksb1-6qd5
6
vulnerability VCID-zkc9-huk8-27bc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie
3
url pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie
purl pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8gde-1md7-5yak
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie
4
url pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie
purl pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7f9q-mhsr-8bfq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie
5
url pkg:deb/debian/openssl@3.6.1-3?distro=trixie
purl pkg:deb/debian/openssl@3.6.1-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-74wu-sup9-cybb
1
vulnerability VCID-7f9q-mhsr-8bfq
2
vulnerability VCID-87vs-4p6w-xbgq
3
vulnerability VCID-cef8-2p5t-bff7
4
vulnerability VCID-f2na-rtsu-ffad
5
vulnerability VCID-hgvf-vxhr-cye8
6
vulnerability VCID-wuwm-ksb1-6qd5
7
vulnerability VCID-zkc9-huk8-27bc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie
6
url pkg:deb/debian/openssl@3.6.2-1?distro=trixie
purl pkg:deb/debian/openssl@3.6.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie
aliases CVE-2021-4160
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-myuq-u3as-g3ah
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1k-1%252Bdeb11u2%3Fdistro=trixie