Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie
Typedeb
Namespacedebian
Nameopenssl
Version1.1.1w-0+deb11u2
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.1.1w-0+deb11u3
Latest_non_vulnerable_version3.6.2-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-bfv6-sbnh-5uh5
vulnerability_id VCID-bfv6-sbnh-5uh5
summary openssl: SSL_select_next_proto buffer overread
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5535.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5535.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-5535
reference_id
reference_type
scores
0
value 0.0505
scoring_system epss
scoring_elements 0.89749
published_at 2026-04-07T12:55:00Z
1
value 0.0505
scoring_system epss
scoring_elements 0.89767
published_at 2026-04-08T12:55:00Z
2
value 0.05181
scoring_system epss
scoring_elements 0.89921
published_at 2026-04-21T12:55:00Z
3
value 0.05181
scoring_system epss
scoring_elements 0.89872
published_at 2026-04-02T12:55:00Z
4
value 0.05181
scoring_system epss
scoring_elements 0.89885
published_at 2026-04-04T12:55:00Z
5
value 0.05181
scoring_system epss
scoring_elements 0.89912
published_at 2026-04-09T12:55:00Z
6
value 0.05181
scoring_system epss
scoring_elements 0.8992
published_at 2026-04-11T12:55:00Z
7
value 0.05181
scoring_system epss
scoring_elements 0.89918
published_at 2026-04-12T12:55:00Z
8
value 0.05181
scoring_system epss
scoring_elements 0.89911
published_at 2026-04-13T12:55:00Z
9
value 0.05181
scoring_system epss
scoring_elements 0.89925
published_at 2026-04-16T12:55:00Z
10
value 0.05181
scoring_system epss
scoring_elements 0.89926
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-5535
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074487
reference_id 1074487
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074487
5
reference_url https://www.openssl.org/news/secadv/20240627.txt
reference_id 20240627.txt
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/
url https://www.openssl.org/news/secadv/20240627.txt
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2294581
reference_id 2294581
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2294581
7
reference_url https://github.com/openssl/openssl/commit/4ada436a1946cbb24db5ab4ca082b69c1bc10f37
reference_id 4ada436a1946cbb24db5ab4ca082b69c1bc10f37
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/
url https://github.com/openssl/openssl/commit/4ada436a1946cbb24db5ab4ca082b69c1bc10f37
8
reference_url https://github.openssl.org/openssl/extended-releases/commit/9947251413065a05189a63c9b7a6c1d4e224c21c
reference_id 9947251413065a05189a63c9b7a6c1d4e224c21c
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/
url https://github.openssl.org/openssl/extended-releases/commit/9947251413065a05189a63c9b7a6c1d4e224c21c
9
reference_url https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e
reference_id 99fb785a5f85315b95288921a321a935ea29a51e
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/
url https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e
10
reference_url https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87
reference_id b78ec0824da857223486660177d3b1f255c65d87
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/
url https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87
11
reference_url https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c
reference_id cf6f91f6121f4db167405db2f0de410a456f260c
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/
url https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c
12
reference_url https://github.com/openssl/openssl/commit/e86ac436f0bd54d4517745483e2315650fae7b2c
reference_id e86ac436f0bd54d4517745483e2315650fae7b2c
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/
url https://github.com/openssl/openssl/commit/e86ac436f0bd54d4517745483e2315650fae7b2c
13
reference_url https://access.redhat.com/errata/RHSA-2024:7846
reference_id RHSA-2024:7846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7846
14
reference_url https://access.redhat.com/errata/RHSA-2024:7847
reference_id RHSA-2024:7847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7847
15
reference_url https://access.redhat.com/errata/RHSA-2024:7848
reference_id RHSA-2024:7848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7848
16
reference_url https://access.redhat.com/errata/RHSA-2024:9333
reference_id RHSA-2024:9333
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9333
17
reference_url https://access.redhat.com/errata/RHSA-2025:1671
reference_id RHSA-2025:1671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1671
18
reference_url https://access.redhat.com/errata/RHSA-2025:1673
reference_id RHSA-2025:1673
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1673
19
reference_url https://access.redhat.com/errata/RHSA-2025:3452
reference_id RHSA-2025:3452
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3452
20
reference_url https://access.redhat.com/errata/RHSA-2025:3453
reference_id RHSA-2025:3453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3453
21
reference_url https://access.redhat.com/errata/RHSA-2025:3666
reference_id RHSA-2025:3666
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3666
22
reference_url https://usn.ubuntu.com/6937-1/
reference_id USN-6937-1
reference_type
scores
url https://usn.ubuntu.com/6937-1/
23
reference_url https://usn.ubuntu.com/7894-1/
reference_id USN-7894-1
reference_type
scores
url https://usn.ubuntu.com/7894-1/
fixed_packages
0
url pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-87vs-4p6w-xbgq
1
vulnerability VCID-8gde-1md7-5yak
2
vulnerability VCID-cef8-2p5t-bff7
3
vulnerability VCID-f2na-rtsu-ffad
4
vulnerability VCID-hgvf-vxhr-cye8
5
vulnerability VCID-wuwm-ksb1-6qd5
6
vulnerability VCID-zkc9-huk8-27bc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/openssl@3.0.15-1~deb12u1?distro=trixie
purl pkg:deb/debian/openssl@3.0.15-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.15-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie
purl pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8gde-1md7-5yak
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie
4
url pkg:deb/debian/openssl@3.3.2-1?distro=trixie
purl pkg:deb/debian/openssl@3.3.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.3.2-1%3Fdistro=trixie
5
url pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie
purl pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7f9q-mhsr-8bfq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie
6
url pkg:deb/debian/openssl@3.6.1-3?distro=trixie
purl pkg:deb/debian/openssl@3.6.1-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-74wu-sup9-cybb
1
vulnerability VCID-7f9q-mhsr-8bfq
2
vulnerability VCID-87vs-4p6w-xbgq
3
vulnerability VCID-cef8-2p5t-bff7
4
vulnerability VCID-f2na-rtsu-ffad
5
vulnerability VCID-hgvf-vxhr-cye8
6
vulnerability VCID-wuwm-ksb1-6qd5
7
vulnerability VCID-zkc9-huk8-27bc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie
7
url pkg:deb/debian/openssl@3.6.2-1?distro=trixie
purl pkg:deb/debian/openssl@3.6.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie
aliases CVE-2024-5535
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bfv6-sbnh-5uh5
1
url VCID-efpm-7cfa-z7hx
vulnerability_id VCID-efpm-7cfa-z7hx
summary openssl: Unbounded memory growth with session handling in TLSv1.3
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2511.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2511.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-2511
reference_id
reference_type
scores
0
value 0.03021
scoring_system epss
scoring_elements 0.86635
published_at 2026-04-18T12:55:00Z
1
value 0.03021
scoring_system epss
scoring_elements 0.86612
published_at 2026-04-09T12:55:00Z
2
value 0.03021
scoring_system epss
scoring_elements 0.86616
published_at 2026-04-13T12:55:00Z
3
value 0.03021
scoring_system epss
scoring_elements 0.86623
published_at 2026-04-12T12:55:00Z
4
value 0.03021
scoring_system epss
scoring_elements 0.86626
published_at 2026-04-11T12:55:00Z
5
value 0.03021
scoring_system epss
scoring_elements 0.86629
published_at 2026-04-16T12:55:00Z
6
value 0.03102
scoring_system epss
scoring_elements 0.86825
published_at 2026-04-21T12:55:00Z
7
value 0.03875
scoring_system epss
scoring_elements 0.88227
published_at 2026-04-08T12:55:00Z
8
value 0.03875
scoring_system epss
scoring_elements 0.88186
published_at 2026-04-02T12:55:00Z
9
value 0.03875
scoring_system epss
scoring_elements 0.88201
published_at 2026-04-04T12:55:00Z
10
value 0.03875
scoring_system epss
scoring_elements 0.88207
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-2511
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2511
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2511
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068658
reference_id 1068658
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068658
5
reference_url https://www.openssl.org/news/secadv/20240408.txt
reference_id 20240408.txt
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-09T15:14:41Z/
url https://www.openssl.org/news/secadv/20240408.txt
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2274020
reference_id 2274020
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2274020
7
reference_url https://github.openssl.org/openssl/extended-releases/commit/5f8d25770ae6437db119dfc951e207271a326640
reference_id 5f8d25770ae6437db119dfc951e207271a326640
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-09T15:14:41Z/
url https://github.openssl.org/openssl/extended-releases/commit/5f8d25770ae6437db119dfc951e207271a326640
8
reference_url https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce
reference_id 7e4d731b1c07201ad9374c1cd9ac5263bdf35bce
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-09T15:14:41Z/
url https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce
9
reference_url https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d
reference_id b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-09T15:14:41Z/
url https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d
10
reference_url https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08
reference_id e9d7083e241670332e0443da0f0d4ffb52829f08
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-09T15:14:41Z/
url https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08
11
reference_url https://access.redhat.com/errata/RHSA-2024:9333
reference_id RHSA-2024:9333
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9333
12
reference_url https://usn.ubuntu.com/6937-1/
reference_id USN-6937-1
reference_type
scores
url https://usn.ubuntu.com/6937-1/
13
reference_url https://usn.ubuntu.com/7894-1/
reference_id USN-7894-1
reference_type
scores
url https://usn.ubuntu.com/7894-1/
fixed_packages
0
url pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-87vs-4p6w-xbgq
1
vulnerability VCID-8gde-1md7-5yak
2
vulnerability VCID-cef8-2p5t-bff7
3
vulnerability VCID-f2na-rtsu-ffad
4
vulnerability VCID-hgvf-vxhr-cye8
5
vulnerability VCID-wuwm-ksb1-6qd5
6
vulnerability VCID-zkc9-huk8-27bc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/openssl@3.0.14-1~deb12u1?distro=trixie
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie
purl pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8gde-1md7-5yak
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie
4
url pkg:deb/debian/openssl@3.2.2-1?distro=trixie
purl pkg:deb/debian/openssl@3.2.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.2.2-1%3Fdistro=trixie
5
url pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie
purl pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7f9q-mhsr-8bfq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie
6
url pkg:deb/debian/openssl@3.6.1-3?distro=trixie
purl pkg:deb/debian/openssl@3.6.1-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-74wu-sup9-cybb
1
vulnerability VCID-7f9q-mhsr-8bfq
2
vulnerability VCID-87vs-4p6w-xbgq
3
vulnerability VCID-cef8-2p5t-bff7
4
vulnerability VCID-f2na-rtsu-ffad
5
vulnerability VCID-hgvf-vxhr-cye8
6
vulnerability VCID-wuwm-ksb1-6qd5
7
vulnerability VCID-zkc9-huk8-27bc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie
7
url pkg:deb/debian/openssl@3.6.2-1?distro=trixie
purl pkg:deb/debian/openssl@3.6.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie
aliases CVE-2024-2511
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-efpm-7cfa-z7hx
2
url VCID-gz4c-x1gb-muat
vulnerability_id VCID-gz4c-x1gb-muat
summary openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9143.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9143.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-9143
reference_id
reference_type
scores
0
value 0.00639
scoring_system epss
scoring_elements 0.70565
published_at 2026-04-18T12:55:00Z
1
value 0.00639
scoring_system epss
scoring_elements 0.70556
published_at 2026-04-16T12:55:00Z
2
value 0.00639
scoring_system epss
scoring_elements 0.70512
published_at 2026-04-13T12:55:00Z
3
value 0.00639
scoring_system epss
scoring_elements 0.70526
published_at 2026-04-12T12:55:00Z
4
value 0.00639
scoring_system epss
scoring_elements 0.70542
published_at 2026-04-11T12:55:00Z
5
value 0.00639
scoring_system epss
scoring_elements 0.70518
published_at 2026-04-09T12:55:00Z
6
value 0.00639
scoring_system epss
scoring_elements 0.70503
published_at 2026-04-08T12:55:00Z
7
value 0.00639
scoring_system epss
scoring_elements 0.70457
published_at 2026-04-07T12:55:00Z
8
value 0.00639
scoring_system epss
scoring_elements 0.70462
published_at 2026-04-02T12:55:00Z
9
value 0.00639
scoring_system epss
scoring_elements 0.70479
published_at 2026-04-04T12:55:00Z
10
value 0.0089
scoring_system epss
scoring_elements 0.75555
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-9143
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9143
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9143
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085378
reference_id 1085378
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085378
5
reference_url https://openssl-library.org/news/secadv/20241016.txt
reference_id 20241016.txt
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/
url https://openssl-library.org/news/secadv/20241016.txt
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2319236
reference_id 2319236
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2319236
7
reference_url https://github.com/openssl/openssl/commit/72ae83ad214d2eef262461365a1975707f862712
reference_id 72ae83ad214d2eef262461365a1975707f862712
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/
url https://github.com/openssl/openssl/commit/72ae83ad214d2eef262461365a1975707f862712
8
reference_url https://github.openssl.org/openssl/extended-releases/commit/8efc0cbaa8ebba8e116f7b81a876a4123594d86a
reference_id 8efc0cbaa8ebba8e116f7b81a876a4123594d86a
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/
url https://github.openssl.org/openssl/extended-releases/commit/8efc0cbaa8ebba8e116f7b81a876a4123594d86a
9
reference_url https://github.openssl.org/openssl/extended-releases/commit/9d576994cec2b7aa37a91740ea7e680810957e41
reference_id 9d576994cec2b7aa37a91740ea7e680810957e41
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/
url https://github.openssl.org/openssl/extended-releases/commit/9d576994cec2b7aa37a91740ea7e680810957e41
10
reference_url https://github.com/openssl/openssl/commit/bc7e04d7c8d509fb78fc0e285aa948fb0da04700
reference_id bc7e04d7c8d509fb78fc0e285aa948fb0da04700
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/
url https://github.com/openssl/openssl/commit/bc7e04d7c8d509fb78fc0e285aa948fb0da04700
11
reference_url https://github.com/openssl/openssl/commit/c0d3e4d32d2805f49bec30547f225bc4d092e1f4
reference_id c0d3e4d32d2805f49bec30547f225bc4d092e1f4
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/
url https://github.com/openssl/openssl/commit/c0d3e4d32d2805f49bec30547f225bc4d092e1f4
12
reference_url https://github.com/openssl/openssl/commit/fdf6723362ca51bd883295efe206cb5b1cfa5154
reference_id fdf6723362ca51bd883295efe206cb5b1cfa5154
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/
url https://github.com/openssl/openssl/commit/fdf6723362ca51bd883295efe206cb5b1cfa5154
13
reference_url https://usn.ubuntu.com/7264-1/
reference_id USN-7264-1
reference_type
scores
url https://usn.ubuntu.com/7264-1/
14
reference_url https://usn.ubuntu.com/7278-1/
reference_id USN-7278-1
reference_type
scores
url https://usn.ubuntu.com/7278-1/
15
reference_url https://usn.ubuntu.com/7894-1/
reference_id USN-7894-1
reference_type
scores
url https://usn.ubuntu.com/7894-1/
fixed_packages
0
url pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-87vs-4p6w-xbgq
1
vulnerability VCID-8gde-1md7-5yak
2
vulnerability VCID-cef8-2p5t-bff7
3
vulnerability VCID-f2na-rtsu-ffad
4
vulnerability VCID-hgvf-vxhr-cye8
5
vulnerability VCID-wuwm-ksb1-6qd5
6
vulnerability VCID-zkc9-huk8-27bc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/openssl@3.0.15-1~deb12u1?distro=trixie
purl pkg:deb/debian/openssl@3.0.15-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.15-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie
purl pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8gde-1md7-5yak
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie
4
url pkg:deb/debian/openssl@3.3.2-2?distro=trixie
purl pkg:deb/debian/openssl@3.3.2-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.3.2-2%3Fdistro=trixie
5
url pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie
purl pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7f9q-mhsr-8bfq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie
6
url pkg:deb/debian/openssl@3.6.1-3?distro=trixie
purl pkg:deb/debian/openssl@3.6.1-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-74wu-sup9-cybb
1
vulnerability VCID-7f9q-mhsr-8bfq
2
vulnerability VCID-87vs-4p6w-xbgq
3
vulnerability VCID-cef8-2p5t-bff7
4
vulnerability VCID-f2na-rtsu-ffad
5
vulnerability VCID-hgvf-vxhr-cye8
6
vulnerability VCID-wuwm-ksb1-6qd5
7
vulnerability VCID-zkc9-huk8-27bc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie
7
url pkg:deb/debian/openssl@3.6.2-1?distro=trixie
purl pkg:deb/debian/openssl@3.6.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie
aliases CVE-2024-9143
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gz4c-x1gb-muat
3
url VCID-hpev-apm4-sqfw
vulnerability_id VCID-hpev-apm4-sqfw
summary 
Null pointer dereference in PKCS12 parsing
Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL
to crash leading to a potential Denial of Service attack

Impact summary: Applications loading files in the PKCS12 format from untrusted
sources might terminate abruptly.

A file in PKCS12 format can contain certificates and keys and may come from an
untrusted source. The PKCS12 specification allows certain fields to be NULL, but
OpenSSL does not correctly check for this case. This can lead to a NULL pointer
dereference that results in OpenSSL crashing. If an application processes PKCS12
files from an untrusted source using the OpenSSL APIs then that application will
be vulnerable to this issue.

OpenSSL APIs that are vulnerable to this are: PKCS12_parse(),
PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes()
and PKCS12_newpass().

We have also fixed a similar issue in SMIME_write_PKCS7(). However since this
function is related to writing data we do not consider it security significant.

The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0727.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0727.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-0727
reference_id
reference_type
scores
0
value 0.00236
scoring_system epss
scoring_elements 0.4659
published_at 2026-04-18T12:55:00Z
1
value 0.00236
scoring_system epss
scoring_elements 0.46556
published_at 2026-04-11T12:55:00Z
2
value 0.00236
scoring_system epss
scoring_elements 0.46528
published_at 2026-04-12T12:55:00Z
3
value 0.00236
scoring_system epss
scoring_elements 0.46593
published_at 2026-04-16T12:55:00Z
4
value 0.00236
scoring_system epss
scoring_elements 0.46537
published_at 2026-04-21T12:55:00Z
5
value 0.00236
scoring_system epss
scoring_elements 0.46509
published_at 2026-04-02T12:55:00Z
6
value 0.00236
scoring_system epss
scoring_elements 0.46529
published_at 2026-04-04T12:55:00Z
7
value 0.00236
scoring_system epss
scoring_elements 0.46477
published_at 2026-04-07T12:55:00Z
8
value 0.00236
scoring_system epss
scoring_elements 0.46533
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-0727
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0727
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0727
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/alexcrichton/openssl-src-rs/commit/add20f73b6b42be7451af2e1044d4e0e778992b2
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/alexcrichton/openssl-src-rs/commit/add20f73b6b42be7451af2e1044d4e0e778992b2
5
reference_url https://github.com/github/advisory-database/pull/3472
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/github/advisory-database/pull/3472
6
reference_url https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/
url https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2
7
reference_url https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/
url https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a
8
reference_url https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/
url https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c
9
reference_url https://github.com/openssl/openssl/pull/23362
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openssl/openssl/pull/23362
10
reference_url https://github.com/pyca/cryptography/commit/3519591d255d4506fbcd0d04037d45271903c64d
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/commit/3519591d255d4506fbcd0d04037d45271903c64d
11
reference_url https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/
url https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8
12
reference_url https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/
url https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539
13
reference_url https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html
14
reference_url https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-0727
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-0727
16
reference_url https://security.netapp.com/advisory/ntap-20240208-0006
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240208-0006
17
reference_url https://www.openssl.org/news/secadv/20240125.txt
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/
url https://www.openssl.org/news/secadv/20240125.txt
18
reference_url http://www.openwall.com/lists/oss-security/2024/03/11/1
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2024/03/11/1
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061582
reference_id 1061582
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061582
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2259944
reference_id 2259944
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2259944
21
reference_url https://github.com/advisories/GHSA-9v9h-cgj8-h64p
reference_id GHSA-9v9h-cgj8-h64p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9v9h-cgj8-h64p
22
reference_url https://access.redhat.com/errata/RHSA-2024:2447
reference_id RHSA-2024:2447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2447
23
reference_url https://access.redhat.com/errata/RHSA-2024:9088
reference_id RHSA-2024:9088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9088
24
reference_url https://usn.ubuntu.com/6622-1/
reference_id USN-6622-1
reference_type
scores
url https://usn.ubuntu.com/6622-1/
25
reference_url https://usn.ubuntu.com/6632-1/
reference_id USN-6632-1
reference_type
scores
url https://usn.ubuntu.com/6632-1/
26
reference_url https://usn.ubuntu.com/6709-1/
reference_id USN-6709-1
reference_type
scores
url https://usn.ubuntu.com/6709-1/
27
reference_url https://usn.ubuntu.com/7018-1/
reference_id USN-7018-1
reference_type
scores
url https://usn.ubuntu.com/7018-1/
28
reference_url https://usn.ubuntu.com/7894-1/
reference_id USN-7894-1
reference_type
scores
url https://usn.ubuntu.com/7894-1/
fixed_packages
0
url pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-87vs-4p6w-xbgq
1
vulnerability VCID-8gde-1md7-5yak
2
vulnerability VCID-cef8-2p5t-bff7
3
vulnerability VCID-f2na-rtsu-ffad
4
vulnerability VCID-hgvf-vxhr-cye8
5
vulnerability VCID-wuwm-ksb1-6qd5
6
vulnerability VCID-zkc9-huk8-27bc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/openssl@3.0.13-1~deb12u1?distro=trixie
purl pkg:deb/debian/openssl@3.0.13-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.13-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie
purl pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8gde-1md7-5yak
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie
4
url pkg:deb/debian/openssl@3.1.5-1?distro=trixie
purl pkg:deb/debian/openssl@3.1.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.1.5-1%3Fdistro=trixie
5
url pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie
purl pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7f9q-mhsr-8bfq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie
6
url pkg:deb/debian/openssl@3.6.1-3?distro=trixie
purl pkg:deb/debian/openssl@3.6.1-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-74wu-sup9-cybb
1
vulnerability VCID-7f9q-mhsr-8bfq
2
vulnerability VCID-87vs-4p6w-xbgq
3
vulnerability VCID-cef8-2p5t-bff7
4
vulnerability VCID-f2na-rtsu-ffad
5
vulnerability VCID-hgvf-vxhr-cye8
6
vulnerability VCID-wuwm-ksb1-6qd5
7
vulnerability VCID-zkc9-huk8-27bc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie
7
url pkg:deb/debian/openssl@3.6.2-1?distro=trixie
purl pkg:deb/debian/openssl@3.6.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie
aliases CVE-2024-0727, GHSA-9v9h-cgj8-h64p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hpev-apm4-sqfw
4
url VCID-jq5s-hzam-zfda
vulnerability_id VCID-jq5s-hzam-zfda
summary openssl: Use After Free with SSL_free_buffers
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4741.json
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4741.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-4741
reference_id
reference_type
scores
0
value 0.00264
scoring_system epss
scoring_elements 0.49905
published_at 2026-04-02T12:55:00Z
1
value 0.00359
scoring_system epss
scoring_elements 0.58131
published_at 2026-04-21T12:55:00Z
2
value 0.00359
scoring_system epss
scoring_elements 0.58119
published_at 2026-04-04T12:55:00Z
3
value 0.00359
scoring_system epss
scoring_elements 0.58094
published_at 2026-04-07T12:55:00Z
4
value 0.00359
scoring_system epss
scoring_elements 0.58148
published_at 2026-04-08T12:55:00Z
5
value 0.00359
scoring_system epss
scoring_elements 0.58152
published_at 2026-04-09T12:55:00Z
6
value 0.00359
scoring_system epss
scoring_elements 0.58167
published_at 2026-04-11T12:55:00Z
7
value 0.00359
scoring_system epss
scoring_elements 0.58144
published_at 2026-04-12T12:55:00Z
8
value 0.00359
scoring_system epss
scoring_elements 0.58124
published_at 2026-04-13T12:55:00Z
9
value 0.00359
scoring_system epss
scoring_elements 0.58155
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-4741
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4741
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4741
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072113
reference_id 1072113
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072113
5
reference_url https://www.openssl.org/news/secadv/20240528.txt
reference_id 20240528.txt
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:45:07Z/
url https://www.openssl.org/news/secadv/20240528.txt
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2283757
reference_id 2283757
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2283757
7
reference_url https://github.com/openssl/openssl/commit/704f725b96aa373ee45ecfb23f6abfe8be8d9177
reference_id 704f725b96aa373ee45ecfb23f6abfe8be8d9177
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:45:07Z/
url https://github.com/openssl/openssl/commit/704f725b96aa373ee45ecfb23f6abfe8be8d9177
8
reference_url https://github.com/openssl/openssl/commit/b3f0eb0a295f58f16ba43ba99dad70d4ee5c437d
reference_id b3f0eb0a295f58f16ba43ba99dad70d4ee5c437d
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:45:07Z/
url https://github.com/openssl/openssl/commit/b3f0eb0a295f58f16ba43ba99dad70d4ee5c437d
9
reference_url https://github.com/openssl/openssl/commit/c88c3de51020c37e8706bf7a682a162593053aac
reference_id c88c3de51020c37e8706bf7a682a162593053aac
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:45:07Z/
url https://github.com/openssl/openssl/commit/c88c3de51020c37e8706bf7a682a162593053aac
10
reference_url https://github.com/openssl/openssl/commit/e5093133c35ca82874ad83697af76f4b0f7e3bd8
reference_id e5093133c35ca82874ad83697af76f4b0f7e3bd8
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:45:07Z/
url https://github.com/openssl/openssl/commit/e5093133c35ca82874ad83697af76f4b0f7e3bd8
11
reference_url https://github.openssl.org/openssl/extended-releases/commit/f7a045f3143fc6da2ee66bf52d8df04829590dd4
reference_id f7a045f3143fc6da2ee66bf52d8df04829590dd4
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:45:07Z/
url https://github.openssl.org/openssl/extended-releases/commit/f7a045f3143fc6da2ee66bf52d8df04829590dd4
12
reference_url https://access.redhat.com/errata/RHSA-2024:9333
reference_id RHSA-2024:9333
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9333
13
reference_url https://usn.ubuntu.com/6937-1/
reference_id USN-6937-1
reference_type
scores
url https://usn.ubuntu.com/6937-1/
14
reference_url https://usn.ubuntu.com/7894-1/
reference_id USN-7894-1
reference_type
scores
url https://usn.ubuntu.com/7894-1/
fixed_packages
0
url pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-87vs-4p6w-xbgq
1
vulnerability VCID-8gde-1md7-5yak
2
vulnerability VCID-cef8-2p5t-bff7
3
vulnerability VCID-f2na-rtsu-ffad
4
vulnerability VCID-hgvf-vxhr-cye8
5
vulnerability VCID-wuwm-ksb1-6qd5
6
vulnerability VCID-zkc9-huk8-27bc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/openssl@3.0.14-1~deb12u1?distro=trixie
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie
purl pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8gde-1md7-5yak
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie
4
url pkg:deb/debian/openssl@3.2.2-1?distro=trixie
purl pkg:deb/debian/openssl@3.2.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.2.2-1%3Fdistro=trixie
5
url pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie
purl pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7f9q-mhsr-8bfq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie
6
url pkg:deb/debian/openssl@3.6.1-3?distro=trixie
purl pkg:deb/debian/openssl@3.6.1-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-74wu-sup9-cybb
1
vulnerability VCID-7f9q-mhsr-8bfq
2
vulnerability VCID-87vs-4p6w-xbgq
3
vulnerability VCID-cef8-2p5t-bff7
4
vulnerability VCID-f2na-rtsu-ffad
5
vulnerability VCID-hgvf-vxhr-cye8
6
vulnerability VCID-wuwm-ksb1-6qd5
7
vulnerability VCID-zkc9-huk8-27bc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie
7
url pkg:deb/debian/openssl@3.6.2-1?distro=trixie
purl pkg:deb/debian/openssl@3.6.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie
aliases CVE-2024-4741
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jq5s-hzam-zfda
5
url VCID-sn5k-3e59-7ba8
vulnerability_id VCID-sn5k-3e59-7ba8
summary 
Improper Check for Unusual or Exceptional Conditions
Issue summary: Generating excessively long X9.42 DH keys or checking
excessively long X9.42 DH keys or parameters may be very slow.

Impact summary: Applications that use the functions DH_generate_key() to
generate an X9.42 DH key may experience long delays. Likewise, applications
that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check()
to check an X9.42 DH key or X9.42 DH parameters may experience long delays.
Where the key or parameters that are being checked have been obtained from
an untrusted source this may lead to a Denial of Service.

While DH_check() performs all the necessary checks (as of CVE-2023-3817),
DH_check_pub_key() does not make any of these checks, and is therefore
vulnerable for excessively large P and Q parameters.

Likewise, while DH_generate_key() performs a check for an excessively large
P, it does not check for an excessively large Q.

An application that calls DH_generate_key() or DH_check_pub_key() and
supplies a key or parameters obtained from an untrusted source could be
vulnerable to a Denial of Service attack.

DH_generate_key() and DH_check_pub_key() are also called by a number of
other OpenSSL functions. An application calling any of those other
functions may similarly be affected. The other functions affected by this
are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate().

Also vulnerable are the OpenSSL pkey command line application when using the
"-pubcheck" option, as well as the OpenSSL genpkey command line application.

The OpenSSL SSL/TLS implementation is not affected by this issue.

The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5678.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5678.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5678
reference_id
reference_type
scores
0
value 0.00638
scoring_system epss
scoring_elements 0.70523
published_at 2026-04-21T12:55:00Z
1
value 0.00638
scoring_system epss
scoring_elements 0.70482
published_at 2026-04-08T12:55:00Z
2
value 0.00638
scoring_system epss
scoring_elements 0.70498
published_at 2026-04-09T12:55:00Z
3
value 0.00638
scoring_system epss
scoring_elements 0.70522
published_at 2026-04-11T12:55:00Z
4
value 0.00638
scoring_system epss
scoring_elements 0.70507
published_at 2026-04-12T12:55:00Z
5
value 0.00638
scoring_system epss
scoring_elements 0.70492
published_at 2026-04-13T12:55:00Z
6
value 0.00638
scoring_system epss
scoring_elements 0.70535
published_at 2026-04-16T12:55:00Z
7
value 0.00638
scoring_system epss
scoring_elements 0.70543
published_at 2026-04-18T12:55:00Z
8
value 0.00656
scoring_system epss
scoring_elements 0.7097
published_at 2026-04-04T12:55:00Z
9
value 0.00656
scoring_system epss
scoring_elements 0.70945
published_at 2026-04-07T12:55:00Z
10
value 0.00656
scoring_system epss
scoring_elements 0.70953
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5678
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5678
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5678
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055
5
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c
6
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017
7
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6
8
reference_url https://www.openssl.org/news/secadv/20231106.txt
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/
url https://www.openssl.org/news/secadv/20231106.txt
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055473
reference_id 1055473
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055473
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2248616
reference_id 2248616
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2248616
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5678
reference_id CVE-2023-5678
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-5678
12
reference_url https://access.redhat.com/errata/RHSA-2023:7877
reference_id RHSA-2023:7877
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7877
13
reference_url https://access.redhat.com/errata/RHSA-2024:0154
reference_id RHSA-2024:0154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0154
14
reference_url https://access.redhat.com/errata/RHSA-2024:0208
reference_id RHSA-2024:0208
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0208
15
reference_url https://access.redhat.com/errata/RHSA-2024:1316
reference_id RHSA-2024:1316
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1316
16
reference_url https://access.redhat.com/errata/RHSA-2024:1317
reference_id RHSA-2024:1317
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1317
17
reference_url https://access.redhat.com/errata/RHSA-2024:1318
reference_id RHSA-2024:1318
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1318
18
reference_url https://access.redhat.com/errata/RHSA-2024:1319
reference_id RHSA-2024:1319
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1319
19
reference_url https://access.redhat.com/errata/RHSA-2024:1325
reference_id RHSA-2024:1325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1325
20
reference_url https://access.redhat.com/errata/RHSA-2024:2447
reference_id RHSA-2024:2447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2447
21
reference_url https://usn.ubuntu.com/6622-1/
reference_id USN-6622-1
reference_type
scores
url https://usn.ubuntu.com/6622-1/
22
reference_url https://usn.ubuntu.com/6632-1/
reference_id USN-6632-1
reference_type
scores
url https://usn.ubuntu.com/6632-1/
23
reference_url https://usn.ubuntu.com/6709-1/
reference_id USN-6709-1
reference_type
scores
url https://usn.ubuntu.com/6709-1/
24
reference_url https://usn.ubuntu.com/7894-1/
reference_id USN-7894-1
reference_type
scores
url https://usn.ubuntu.com/7894-1/
fixed_packages
0
url pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-87vs-4p6w-xbgq
1
vulnerability VCID-8gde-1md7-5yak
2
vulnerability VCID-cef8-2p5t-bff7
3
vulnerability VCID-f2na-rtsu-ffad
4
vulnerability VCID-hgvf-vxhr-cye8
5
vulnerability VCID-wuwm-ksb1-6qd5
6
vulnerability VCID-zkc9-huk8-27bc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/openssl@3.0.12-2?distro=trixie
purl pkg:deb/debian/openssl@3.0.12-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.12-2%3Fdistro=trixie
3
url pkg:deb/debian/openssl@3.0.13-1~deb12u1?distro=trixie
purl pkg:deb/debian/openssl@3.0.13-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.13-1~deb12u1%3Fdistro=trixie
4
url pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie
purl pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8gde-1md7-5yak
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie
5
url pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie
purl pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7f9q-mhsr-8bfq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie
6
url pkg:deb/debian/openssl@3.6.1-3?distro=trixie
purl pkg:deb/debian/openssl@3.6.1-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-74wu-sup9-cybb
1
vulnerability VCID-7f9q-mhsr-8bfq
2
vulnerability VCID-87vs-4p6w-xbgq
3
vulnerability VCID-cef8-2p5t-bff7
4
vulnerability VCID-f2na-rtsu-ffad
5
vulnerability VCID-hgvf-vxhr-cye8
6
vulnerability VCID-wuwm-ksb1-6qd5
7
vulnerability VCID-zkc9-huk8-27bc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie
7
url pkg:deb/debian/openssl@3.6.2-1?distro=trixie
purl pkg:deb/debian/openssl@3.6.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie
aliases CVE-2023-5678
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sn5k-3e59-7ba8
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u2%3Fdistro=trixie