Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/wolfssl@5.5.4-2.1?distro=trixie
Typedeb
Namespacedebian
Namewolfssl
Version5.5.4-2.1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version5.6.6-1.2
Latest_non_vulnerable_version5.9.0-0.2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-hguq-mr6k-jqd3
vulnerability_id VCID-hguq-mr6k-jqd3
summary 
Improper Certificate Validation
If a TLS 1.3 client gets neither a PSK (pre shared key) extension nor a KSE (key share extension) when connecting to a malicious server, a default predictable buffer gets used for the IKM (Input Keying Material) value when generating the session master secret. Using a potentially known IKM value when generating the session master secret key compromises the key generated, allowing an eavesdropper to reconstruct it and potentially allowing access to or meddling with message contents in the session. This issue does not affect client validation of connected servers, nor expose private key information, but could result in an insecure TLS 1.3 session when not controlling both sides of the connection. wolfSSL recommends that TLS 1.3 client side users update the version of wolfSSL used.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-3724
reference_id
reference_type
scores
0
value 0.00107
scoring_system epss
scoring_elements 0.29064
published_at 2026-04-02T12:55:00Z
1
value 0.00107
scoring_system epss
scoring_elements 0.29115
published_at 2026-04-04T12:55:00Z
2
value 0.00107
scoring_system epss
scoring_elements 0.28927
published_at 2026-04-07T12:55:00Z
3
value 0.00107
scoring_system epss
scoring_elements 0.28992
published_at 2026-04-08T12:55:00Z
4
value 0.00107
scoring_system epss
scoring_elements 0.29035
published_at 2026-04-09T12:55:00Z
5
value 0.00134
scoring_system epss
scoring_elements 0.33149
published_at 2026-04-11T12:55:00Z
6
value 0.00134
scoring_system epss
scoring_elements 0.3311
published_at 2026-04-12T12:55:00Z
7
value 0.00134
scoring_system epss
scoring_elements 0.33087
published_at 2026-04-13T12:55:00Z
8
value 0.00134
scoring_system epss
scoring_elements 0.33128
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-3724
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3724
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3724
2
reference_url https://github.com/wolfSSL/wolfssl/pull/6412
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-29T15:53:34Z/
url https://github.com/wolfSSL/wolfssl/pull/6412
3
reference_url https://www.wolfssl.com/docs/security-vulnerabilities/
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-29T15:53:34Z/
url https://www.wolfssl.com/docs/security-vulnerabilities/
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041699
reference_id 1041699
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041699
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-3724
reference_id CVE-2023-3724
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-3724
fixed_packages
0
url pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1u3q-52yd-1bhe
1
vulnerability VCID-24s5-d6jt-4kfe
2
vulnerability VCID-2ry7-trrg-gfdk
3
vulnerability VCID-47nm-nte5-27fm
4
vulnerability VCID-4zda-zrq6-hbc8
5
vulnerability VCID-6n4g-us9a-53g4
6
vulnerability VCID-6v8z-cfax-zqbh
7
vulnerability VCID-7xbp-qkvv-bqgm
8
vulnerability VCID-8735-ectc-j7a3
9
vulnerability VCID-9hdy-aqa2-w3bd
10
vulnerability VCID-9jpj-dfsf-qkce
11
vulnerability VCID-9jw2-3v9v-ruap
12
vulnerability VCID-9kev-ferz-5bhr
13
vulnerability VCID-9x14-2t7m-1kbm
14
vulnerability VCID-cum2-vp1j-syfc
15
vulnerability VCID-cxhw-3w24-dkes
16
vulnerability VCID-dpu2-4w42-kygw
17
vulnerability VCID-euma-vgqx-sbau
18
vulnerability VCID-f4gq-hqcp-dqe2
19
vulnerability VCID-f57c-kamk-3bct
20
vulnerability VCID-fmtp-x6y7-83g1
21
vulnerability VCID-gcfd-w8je-kqfm
22
vulnerability VCID-gdur-h588-vbb6
23
vulnerability VCID-gmdj-a1ys-tqc2
24
vulnerability VCID-h6na-nxxq-5yg9
25
vulnerability VCID-hk8r-kk4v-1fa7
26
vulnerability VCID-jxf4-y1au-5bhw
27
vulnerability VCID-khur-3ax7-9fhb
28
vulnerability VCID-n64w-nq6a-m7bv
29
vulnerability VCID-njbj-f91t-b7f4
30
vulnerability VCID-su8x-6n42-n3d5
31
vulnerability VCID-u24a-2khf-uyba
32
vulnerability VCID-uvht-9bt9-hfbb
33
vulnerability VCID-v3m6-zajw-bfhb
34
vulnerability VCID-xfgd-4hs3-vygk
35
vulnerability VCID-xuyn-pjpb-g7du
36
vulnerability VCID-xxkx-w5pc-5uap
37
vulnerability VCID-zhf4-y8v8-gubn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1u3q-52yd-1bhe
1
vulnerability VCID-24s5-d6jt-4kfe
2
vulnerability VCID-2ry7-trrg-gfdk
3
vulnerability VCID-47nm-nte5-27fm
4
vulnerability VCID-4zda-zrq6-hbc8
5
vulnerability VCID-6v8z-cfax-zqbh
6
vulnerability VCID-7xbp-qkvv-bqgm
7
vulnerability VCID-8735-ectc-j7a3
8
vulnerability VCID-9hdy-aqa2-w3bd
9
vulnerability VCID-9jpj-dfsf-qkce
10
vulnerability VCID-9jw2-3v9v-ruap
11
vulnerability VCID-9kev-ferz-5bhr
12
vulnerability VCID-9x14-2t7m-1kbm
13
vulnerability VCID-cxhw-3w24-dkes
14
vulnerability VCID-dpu2-4w42-kygw
15
vulnerability VCID-euma-vgqx-sbau
16
vulnerability VCID-f57c-kamk-3bct
17
vulnerability VCID-fmtp-x6y7-83g1
18
vulnerability VCID-gcfd-w8je-kqfm
19
vulnerability VCID-gdur-h588-vbb6
20
vulnerability VCID-gmdj-a1ys-tqc2
21
vulnerability VCID-h6na-nxxq-5yg9
22
vulnerability VCID-hk8r-kk4v-1fa7
23
vulnerability VCID-jxf4-y1au-5bhw
24
vulnerability VCID-khur-3ax7-9fhb
25
vulnerability VCID-n64w-nq6a-m7bv
26
vulnerability VCID-njbj-f91t-b7f4
27
vulnerability VCID-su8x-6n42-n3d5
28
vulnerability VCID-u24a-2khf-uyba
29
vulnerability VCID-uvht-9bt9-hfbb
30
vulnerability VCID-v3m6-zajw-bfhb
31
vulnerability VCID-xfgd-4hs3-vygk
32
vulnerability VCID-xuyn-pjpb-g7du
33
vulnerability VCID-xxkx-w5pc-5uap
34
vulnerability VCID-zhf4-y8v8-gubn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/wolfssl@5.5.4-2.1?distro=trixie
purl pkg:deb/debian/wolfssl@5.5.4-2.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2.1%3Fdistro=trixie
4
url pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ry7-trrg-gfdk
1
vulnerability VCID-4zda-zrq6-hbc8
2
vulnerability VCID-6v8z-cfax-zqbh
3
vulnerability VCID-8735-ectc-j7a3
4
vulnerability VCID-9jpj-dfsf-qkce
5
vulnerability VCID-9jw2-3v9v-ruap
6
vulnerability VCID-9kev-ferz-5bhr
7
vulnerability VCID-9x14-2t7m-1kbm
8
vulnerability VCID-cxhw-3w24-dkes
9
vulnerability VCID-f57c-kamk-3bct
10
vulnerability VCID-fmtp-x6y7-83g1
11
vulnerability VCID-gcfd-w8je-kqfm
12
vulnerability VCID-gdur-h588-vbb6
13
vulnerability VCID-gmdj-a1ys-tqc2
14
vulnerability VCID-h6na-nxxq-5yg9
15
vulnerability VCID-hk8r-kk4v-1fa7
16
vulnerability VCID-jxf4-y1au-5bhw
17
vulnerability VCID-khur-3ax7-9fhb
18
vulnerability VCID-n64w-nq6a-m7bv
19
vulnerability VCID-njbj-f91t-b7f4
20
vulnerability VCID-uvht-9bt9-hfbb
21
vulnerability VCID-v3m6-zajw-bfhb
22
vulnerability VCID-xuyn-pjpb-g7du
23
vulnerability VCID-xxkx-w5pc-5uap
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie
purl pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie
aliases CVE-2023-3724
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hguq-mr6k-jqd3
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2.1%3Fdistro=trixie