Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/wolfssl@5.7.2-0.1?distro=trixie
Typedeb
Namespacedebian
Namewolfssl
Version5.7.2-0.1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version5.7.2-0.4
Latest_non_vulnerable_version5.9.1-0.1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1u3q-52yd-1bhe
vulnerability_id VCID-1u3q-52yd-1bhe
summary In function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the function X509_check_host() takes in a pointer and length to check against, with no requirements that it be NULL terminated. If a caller was attempting to do a name check on a non-NULL terminated buffer, the code would read beyond the bounds of the input array until it found a NULL terminator.This issue affects wolfSSL: through 5.7.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-5991
reference_id
reference_type
scores
0
value 0.00111
scoring_system epss
scoring_elements 0.294
published_at 2026-04-21T12:55:00Z
1
value 0.00111
scoring_system epss
scoring_elements 0.29474
published_at 2026-04-16T12:55:00Z
2
value 0.00111
scoring_system epss
scoring_elements 0.29446
published_at 2026-04-18T12:55:00Z
3
value 0.00111
scoring_system epss
scoring_elements 0.29577
published_at 2026-04-02T12:55:00Z
4
value 0.00111
scoring_system epss
scoring_elements 0.29626
published_at 2026-04-04T12:55:00Z
5
value 0.00111
scoring_system epss
scoring_elements 0.29448
published_at 2026-04-07T12:55:00Z
6
value 0.00111
scoring_system epss
scoring_elements 0.2951
published_at 2026-04-08T12:55:00Z
7
value 0.00111
scoring_system epss
scoring_elements 0.2955
published_at 2026-04-09T12:55:00Z
8
value 0.00111
scoring_system epss
scoring_elements 0.29552
published_at 2026-04-11T12:55:00Z
9
value 0.00111
scoring_system epss
scoring_elements 0.29507
published_at 2026-04-12T12:55:00Z
10
value 0.00111
scoring_system epss
scoring_elements 0.29455
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-5991
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5991
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081788
reference_id 1081788
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081788
fixed_packages
0
url pkg:deb/debian/wolfssl@5.7.2-0.1?distro=trixie
purl pkg:deb/debian/wolfssl@5.7.2-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%3Fdistro=trixie
1
url pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15fz-hhc7-kyaa
1
vulnerability VCID-24mg-wn6a-6bew
2
vulnerability VCID-2ry7-trrg-gfdk
3
vulnerability VCID-3gve-u4f4-bkht
4
vulnerability VCID-4zda-zrq6-hbc8
5
vulnerability VCID-4zyq-af27-yqa4
6
vulnerability VCID-6v8z-cfax-zqbh
7
vulnerability VCID-75y2-h9uk-n3a6
8
vulnerability VCID-8735-ectc-j7a3
9
vulnerability VCID-9jb1-k32z-w7gw
10
vulnerability VCID-9jpj-dfsf-qkce
11
vulnerability VCID-9jw2-3v9v-ruap
12
vulnerability VCID-9kev-ferz-5bhr
13
vulnerability VCID-9x14-2t7m-1kbm
14
vulnerability VCID-bfap-h1d9-33dj
15
vulnerability VCID-cv4y-g4un-ckd4
16
vulnerability VCID-cxhw-3w24-dkes
17
vulnerability VCID-f57c-kamk-3bct
18
vulnerability VCID-f5kd-yqz2-nkcb
19
vulnerability VCID-fmtp-x6y7-83g1
20
vulnerability VCID-g5u9-khw6-4kgn
21
vulnerability VCID-gcfd-w8je-kqfm
22
vulnerability VCID-gdur-h588-vbb6
23
vulnerability VCID-gmdj-a1ys-tqc2
24
vulnerability VCID-gtdh-mytb-t3fh
25
vulnerability VCID-h6na-nxxq-5yg9
26
vulnerability VCID-hdbf-118z-2yec
27
vulnerability VCID-hk8r-kk4v-1fa7
28
vulnerability VCID-jc3b-m4ud-n7fw
29
vulnerability VCID-jvnf-vh29-ufdh
30
vulnerability VCID-jxf4-y1au-5bhw
31
vulnerability VCID-khur-3ax7-9fhb
32
vulnerability VCID-n64w-nq6a-m7bv
33
vulnerability VCID-n6uz-fe7m-uqhk
34
vulnerability VCID-njbj-f91t-b7f4
35
vulnerability VCID-nqhj-d7uw-43hd
36
vulnerability VCID-srmp-3tvp-9uhv
37
vulnerability VCID-u55w-unmd-97cm
38
vulnerability VCID-udcq-enxt-wyf1
39
vulnerability VCID-ugd8-9xzt-xbdz
40
vulnerability VCID-uvht-9bt9-hfbb
41
vulnerability VCID-v3m6-zajw-bfhb
42
vulnerability VCID-vugd-2jfz-23b5
43
vulnerability VCID-x3uy-7crx-2kae
44
vulnerability VCID-xuyn-pjpb-g7du
45
vulnerability VCID-xxkx-w5pc-5uap
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie
2
url pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie
purl pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15fz-hhc7-kyaa
1
vulnerability VCID-24mg-wn6a-6bew
2
vulnerability VCID-3gve-u4f4-bkht
3
vulnerability VCID-4zyq-af27-yqa4
4
vulnerability VCID-75y2-h9uk-n3a6
5
vulnerability VCID-9jb1-k32z-w7gw
6
vulnerability VCID-bfap-h1d9-33dj
7
vulnerability VCID-cv4y-g4un-ckd4
8
vulnerability VCID-f5kd-yqz2-nkcb
9
vulnerability VCID-g5u9-khw6-4kgn
10
vulnerability VCID-gtdh-mytb-t3fh
11
vulnerability VCID-hdbf-118z-2yec
12
vulnerability VCID-jc3b-m4ud-n7fw
13
vulnerability VCID-jvnf-vh29-ufdh
14
vulnerability VCID-n6uz-fe7m-uqhk
15
vulnerability VCID-nqhj-d7uw-43hd
16
vulnerability VCID-srmp-3tvp-9uhv
17
vulnerability VCID-u55w-unmd-97cm
18
vulnerability VCID-udcq-enxt-wyf1
19
vulnerability VCID-ugd8-9xzt-xbdz
20
vulnerability VCID-vugd-2jfz-23b5
21
vulnerability VCID-x3uy-7crx-2kae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie
3
url pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie
purl pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie
aliases CVE-2024-5991
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1u3q-52yd-1bhe
1
url VCID-9hdy-aqa2-w3bd
vulnerability_id VCID-9hdy-aqa2-w3bd
summary A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello. https://doi.org/10.46586/tches.v2024.i1.457-500
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-5814
reference_id
reference_type
scores
0
value 0.00218
scoring_system epss
scoring_elements 0.44432
published_at 2026-04-21T12:55:00Z
1
value 0.00218
scoring_system epss
scoring_elements 0.4451
published_at 2026-04-16T12:55:00Z
2
value 0.00218
scoring_system epss
scoring_elements 0.44502
published_at 2026-04-18T12:55:00Z
3
value 0.00218
scoring_system epss
scoring_elements 0.44455
published_at 2026-04-12T12:55:00Z
4
value 0.00218
scoring_system epss
scoring_elements 0.44476
published_at 2026-04-04T12:55:00Z
5
value 0.00218
scoring_system epss
scoring_elements 0.44412
published_at 2026-04-07T12:55:00Z
6
value 0.00218
scoring_system epss
scoring_elements 0.44463
published_at 2026-04-08T12:55:00Z
7
value 0.00218
scoring_system epss
scoring_elements 0.4447
published_at 2026-04-09T12:55:00Z
8
value 0.00218
scoring_system epss
scoring_elements 0.44486
published_at 2026-04-11T12:55:00Z
9
value 0.00218
scoring_system epss
scoring_elements 0.44454
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-5814
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5814
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5814
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081791
reference_id 1081791
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081791
3
reference_url https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#add_later
reference_id ChangeLog.md#add_later
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y/V:D/RE:M/U:Green
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-27T19:18:34Z/
url https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#add_later
fixed_packages
0
url pkg:deb/debian/wolfssl@5.7.2-0.1?distro=trixie
purl pkg:deb/debian/wolfssl@5.7.2-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%3Fdistro=trixie
1
url pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15fz-hhc7-kyaa
1
vulnerability VCID-24mg-wn6a-6bew
2
vulnerability VCID-2ry7-trrg-gfdk
3
vulnerability VCID-3gve-u4f4-bkht
4
vulnerability VCID-4zda-zrq6-hbc8
5
vulnerability VCID-4zyq-af27-yqa4
6
vulnerability VCID-6v8z-cfax-zqbh
7
vulnerability VCID-75y2-h9uk-n3a6
8
vulnerability VCID-8735-ectc-j7a3
9
vulnerability VCID-9jb1-k32z-w7gw
10
vulnerability VCID-9jpj-dfsf-qkce
11
vulnerability VCID-9jw2-3v9v-ruap
12
vulnerability VCID-9kev-ferz-5bhr
13
vulnerability VCID-9x14-2t7m-1kbm
14
vulnerability VCID-bfap-h1d9-33dj
15
vulnerability VCID-cv4y-g4un-ckd4
16
vulnerability VCID-cxhw-3w24-dkes
17
vulnerability VCID-f57c-kamk-3bct
18
vulnerability VCID-f5kd-yqz2-nkcb
19
vulnerability VCID-fmtp-x6y7-83g1
20
vulnerability VCID-g5u9-khw6-4kgn
21
vulnerability VCID-gcfd-w8je-kqfm
22
vulnerability VCID-gdur-h588-vbb6
23
vulnerability VCID-gmdj-a1ys-tqc2
24
vulnerability VCID-gtdh-mytb-t3fh
25
vulnerability VCID-h6na-nxxq-5yg9
26
vulnerability VCID-hdbf-118z-2yec
27
vulnerability VCID-hk8r-kk4v-1fa7
28
vulnerability VCID-jc3b-m4ud-n7fw
29
vulnerability VCID-jvnf-vh29-ufdh
30
vulnerability VCID-jxf4-y1au-5bhw
31
vulnerability VCID-khur-3ax7-9fhb
32
vulnerability VCID-n64w-nq6a-m7bv
33
vulnerability VCID-n6uz-fe7m-uqhk
34
vulnerability VCID-njbj-f91t-b7f4
35
vulnerability VCID-nqhj-d7uw-43hd
36
vulnerability VCID-srmp-3tvp-9uhv
37
vulnerability VCID-u55w-unmd-97cm
38
vulnerability VCID-udcq-enxt-wyf1
39
vulnerability VCID-ugd8-9xzt-xbdz
40
vulnerability VCID-uvht-9bt9-hfbb
41
vulnerability VCID-v3m6-zajw-bfhb
42
vulnerability VCID-vugd-2jfz-23b5
43
vulnerability VCID-x3uy-7crx-2kae
44
vulnerability VCID-xuyn-pjpb-g7du
45
vulnerability VCID-xxkx-w5pc-5uap
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie
2
url pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie
purl pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15fz-hhc7-kyaa
1
vulnerability VCID-24mg-wn6a-6bew
2
vulnerability VCID-3gve-u4f4-bkht
3
vulnerability VCID-4zyq-af27-yqa4
4
vulnerability VCID-75y2-h9uk-n3a6
5
vulnerability VCID-9jb1-k32z-w7gw
6
vulnerability VCID-bfap-h1d9-33dj
7
vulnerability VCID-cv4y-g4un-ckd4
8
vulnerability VCID-f5kd-yqz2-nkcb
9
vulnerability VCID-g5u9-khw6-4kgn
10
vulnerability VCID-gtdh-mytb-t3fh
11
vulnerability VCID-hdbf-118z-2yec
12
vulnerability VCID-jc3b-m4ud-n7fw
13
vulnerability VCID-jvnf-vh29-ufdh
14
vulnerability VCID-n6uz-fe7m-uqhk
15
vulnerability VCID-nqhj-d7uw-43hd
16
vulnerability VCID-srmp-3tvp-9uhv
17
vulnerability VCID-u55w-unmd-97cm
18
vulnerability VCID-udcq-enxt-wyf1
19
vulnerability VCID-ugd8-9xzt-xbdz
20
vulnerability VCID-vugd-2jfz-23b5
21
vulnerability VCID-x3uy-7crx-2kae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie
3
url pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie
purl pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie
aliases CVE-2024-5814
risk_score 2.3
exploitability 0.5
weighted_severity 4.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9hdy-aqa2-w3bd
2
url VCID-dpu2-4w42-kygw
vulnerability_id VCID-dpu2-4w42-kygw
summary Generating the ECDSA nonce k samples a random number r and then truncates this randomness with a modular reduction mod n where n is the order of the elliptic curve. Meaning k = r mod n. The division used during the reduction estimates a factor q_e by dividing the upper two digits (a digit having e.g. a size of 8 byte) of r by the upper digit of n and then decrements q_e in a loop until it has the correct size. Observing the number of times q_e is decremented through a control-flow revealing side-channel reveals a bias in the most significant bits of k. Depending on the curve this is either a negligible bias or a significant bias large enough to reconstruct k with lattice reduction methods. For SECP160R1, e.g., we find a bias of 15 bits.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-1544
reference_id
reference_type
scores
0
value 0.00076
scoring_system epss
scoring_elements 0.22835
published_at 2026-04-09T12:55:00Z
1
value 0.00076
scoring_system epss
scoring_elements 0.22763
published_at 2026-04-13T12:55:00Z
2
value 0.00076
scoring_system epss
scoring_elements 0.22819
published_at 2026-04-12T12:55:00Z
3
value 0.00076
scoring_system epss
scoring_elements 0.22857
published_at 2026-04-11T12:55:00Z
4
value 0.00076
scoring_system epss
scoring_elements 0.22871
published_at 2026-04-02T12:55:00Z
5
value 0.00076
scoring_system epss
scoring_elements 0.22916
published_at 2026-04-04T12:55:00Z
6
value 0.00076
scoring_system epss
scoring_elements 0.22708
published_at 2026-04-07T12:55:00Z
7
value 0.00076
scoring_system epss
scoring_elements 0.22783
published_at 2026-04-08T12:55:00Z
8
value 0.00153
scoring_system epss
scoring_elements 0.35958
published_at 2026-04-21T12:55:00Z
9
value 0.00153
scoring_system epss
scoring_elements 0.36023
published_at 2026-04-16T12:55:00Z
10
value 0.00153
scoring_system epss
scoring_elements 0.36008
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-1544
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1544
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1544
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081789
reference_id 1081789
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081789
3
reference_url https://github.com/wolfSSL/wolfssl/pull/7020
reference_id 7020
reference_type
scores
0
value 4.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-27T19:14:00Z/
url https://github.com/wolfSSL/wolfssl/pull/7020
4
reference_url https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable
reference_id v5.7.2-stable
reference_type
scores
0
value 4.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-27T19:14:00Z/
url https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable
fixed_packages
0
url pkg:deb/debian/wolfssl@5.7.2-0.1?distro=trixie
purl pkg:deb/debian/wolfssl@5.7.2-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%3Fdistro=trixie
1
url pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15fz-hhc7-kyaa
1
vulnerability VCID-24mg-wn6a-6bew
2
vulnerability VCID-2ry7-trrg-gfdk
3
vulnerability VCID-3gve-u4f4-bkht
4
vulnerability VCID-4zda-zrq6-hbc8
5
vulnerability VCID-4zyq-af27-yqa4
6
vulnerability VCID-6v8z-cfax-zqbh
7
vulnerability VCID-75y2-h9uk-n3a6
8
vulnerability VCID-8735-ectc-j7a3
9
vulnerability VCID-9jb1-k32z-w7gw
10
vulnerability VCID-9jpj-dfsf-qkce
11
vulnerability VCID-9jw2-3v9v-ruap
12
vulnerability VCID-9kev-ferz-5bhr
13
vulnerability VCID-9x14-2t7m-1kbm
14
vulnerability VCID-bfap-h1d9-33dj
15
vulnerability VCID-cv4y-g4un-ckd4
16
vulnerability VCID-cxhw-3w24-dkes
17
vulnerability VCID-f57c-kamk-3bct
18
vulnerability VCID-f5kd-yqz2-nkcb
19
vulnerability VCID-fmtp-x6y7-83g1
20
vulnerability VCID-g5u9-khw6-4kgn
21
vulnerability VCID-gcfd-w8je-kqfm
22
vulnerability VCID-gdur-h588-vbb6
23
vulnerability VCID-gmdj-a1ys-tqc2
24
vulnerability VCID-gtdh-mytb-t3fh
25
vulnerability VCID-h6na-nxxq-5yg9
26
vulnerability VCID-hdbf-118z-2yec
27
vulnerability VCID-hk8r-kk4v-1fa7
28
vulnerability VCID-jc3b-m4ud-n7fw
29
vulnerability VCID-jvnf-vh29-ufdh
30
vulnerability VCID-jxf4-y1au-5bhw
31
vulnerability VCID-khur-3ax7-9fhb
32
vulnerability VCID-n64w-nq6a-m7bv
33
vulnerability VCID-n6uz-fe7m-uqhk
34
vulnerability VCID-njbj-f91t-b7f4
35
vulnerability VCID-nqhj-d7uw-43hd
36
vulnerability VCID-srmp-3tvp-9uhv
37
vulnerability VCID-u55w-unmd-97cm
38
vulnerability VCID-udcq-enxt-wyf1
39
vulnerability VCID-ugd8-9xzt-xbdz
40
vulnerability VCID-uvht-9bt9-hfbb
41
vulnerability VCID-v3m6-zajw-bfhb
42
vulnerability VCID-vugd-2jfz-23b5
43
vulnerability VCID-x3uy-7crx-2kae
44
vulnerability VCID-xuyn-pjpb-g7du
45
vulnerability VCID-xxkx-w5pc-5uap
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie
2
url pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie
purl pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15fz-hhc7-kyaa
1
vulnerability VCID-24mg-wn6a-6bew
2
vulnerability VCID-3gve-u4f4-bkht
3
vulnerability VCID-4zyq-af27-yqa4
4
vulnerability VCID-75y2-h9uk-n3a6
5
vulnerability VCID-9jb1-k32z-w7gw
6
vulnerability VCID-bfap-h1d9-33dj
7
vulnerability VCID-cv4y-g4un-ckd4
8
vulnerability VCID-f5kd-yqz2-nkcb
9
vulnerability VCID-g5u9-khw6-4kgn
10
vulnerability VCID-gtdh-mytb-t3fh
11
vulnerability VCID-hdbf-118z-2yec
12
vulnerability VCID-jc3b-m4ud-n7fw
13
vulnerability VCID-jvnf-vh29-ufdh
14
vulnerability VCID-n6uz-fe7m-uqhk
15
vulnerability VCID-nqhj-d7uw-43hd
16
vulnerability VCID-srmp-3tvp-9uhv
17
vulnerability VCID-u55w-unmd-97cm
18
vulnerability VCID-udcq-enxt-wyf1
19
vulnerability VCID-ugd8-9xzt-xbdz
20
vulnerability VCID-vugd-2jfz-23b5
21
vulnerability VCID-x3uy-7crx-2kae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie
3
url pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie
purl pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie
aliases CVE-2024-1544
risk_score 1.9
exploitability 0.5
weighted_severity 3.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dpu2-4w42-kygw
3
url VCID-xfgd-4hs3-vygk
vulnerability_id VCID-xfgd-4hs3-vygk
summary An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSL_CHECK_SIG_FAULTS is used in signing operations with private ECC keys, such as in server-side TLS connections, the connection is halted if any fault occurs. The success rate in a certain amount of connection requests can be processed via an advanced technique for ECDSA key recovery.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-5288
reference_id
reference_type
scores
0
value 0.00088
scoring_system epss
scoring_elements 0.25108
published_at 2026-04-21T12:55:00Z
1
value 0.00088
scoring_system epss
scoring_elements 0.2514
published_at 2026-04-18T12:55:00Z
2
value 0.00088
scoring_system epss
scoring_elements 0.2515
published_at 2026-04-16T12:55:00Z
3
value 0.00088
scoring_system epss
scoring_elements 0.25289
published_at 2026-04-02T12:55:00Z
4
value 0.00088
scoring_system epss
scoring_elements 0.2533
published_at 2026-04-04T12:55:00Z
5
value 0.00088
scoring_system epss
scoring_elements 0.25107
published_at 2026-04-07T12:55:00Z
6
value 0.00088
scoring_system epss
scoring_elements 0.25176
published_at 2026-04-08T12:55:00Z
7
value 0.00088
scoring_system epss
scoring_elements 0.25221
published_at 2026-04-09T12:55:00Z
8
value 0.00088
scoring_system epss
scoring_elements 0.25235
published_at 2026-04-11T12:55:00Z
9
value 0.00088
scoring_system epss
scoring_elements 0.25193
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-5288
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5288
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5288
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081790
reference_id 1081790
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081790
3
reference_url https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable
reference_id v5.7.2-stable
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-27T19:22:54Z/
url https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable
fixed_packages
0
url pkg:deb/debian/wolfssl@5.7.2-0.1?distro=trixie
purl pkg:deb/debian/wolfssl@5.7.2-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%3Fdistro=trixie
1
url pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15fz-hhc7-kyaa
1
vulnerability VCID-24mg-wn6a-6bew
2
vulnerability VCID-2ry7-trrg-gfdk
3
vulnerability VCID-3gve-u4f4-bkht
4
vulnerability VCID-4zda-zrq6-hbc8
5
vulnerability VCID-4zyq-af27-yqa4
6
vulnerability VCID-6v8z-cfax-zqbh
7
vulnerability VCID-75y2-h9uk-n3a6
8
vulnerability VCID-8735-ectc-j7a3
9
vulnerability VCID-9jb1-k32z-w7gw
10
vulnerability VCID-9jpj-dfsf-qkce
11
vulnerability VCID-9jw2-3v9v-ruap
12
vulnerability VCID-9kev-ferz-5bhr
13
vulnerability VCID-9x14-2t7m-1kbm
14
vulnerability VCID-bfap-h1d9-33dj
15
vulnerability VCID-cv4y-g4un-ckd4
16
vulnerability VCID-cxhw-3w24-dkes
17
vulnerability VCID-f57c-kamk-3bct
18
vulnerability VCID-f5kd-yqz2-nkcb
19
vulnerability VCID-fmtp-x6y7-83g1
20
vulnerability VCID-g5u9-khw6-4kgn
21
vulnerability VCID-gcfd-w8je-kqfm
22
vulnerability VCID-gdur-h588-vbb6
23
vulnerability VCID-gmdj-a1ys-tqc2
24
vulnerability VCID-gtdh-mytb-t3fh
25
vulnerability VCID-h6na-nxxq-5yg9
26
vulnerability VCID-hdbf-118z-2yec
27
vulnerability VCID-hk8r-kk4v-1fa7
28
vulnerability VCID-jc3b-m4ud-n7fw
29
vulnerability VCID-jvnf-vh29-ufdh
30
vulnerability VCID-jxf4-y1au-5bhw
31
vulnerability VCID-khur-3ax7-9fhb
32
vulnerability VCID-n64w-nq6a-m7bv
33
vulnerability VCID-n6uz-fe7m-uqhk
34
vulnerability VCID-njbj-f91t-b7f4
35
vulnerability VCID-nqhj-d7uw-43hd
36
vulnerability VCID-srmp-3tvp-9uhv
37
vulnerability VCID-u55w-unmd-97cm
38
vulnerability VCID-udcq-enxt-wyf1
39
vulnerability VCID-ugd8-9xzt-xbdz
40
vulnerability VCID-uvht-9bt9-hfbb
41
vulnerability VCID-v3m6-zajw-bfhb
42
vulnerability VCID-vugd-2jfz-23b5
43
vulnerability VCID-x3uy-7crx-2kae
44
vulnerability VCID-xuyn-pjpb-g7du
45
vulnerability VCID-xxkx-w5pc-5uap
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie
2
url pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie
purl pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15fz-hhc7-kyaa
1
vulnerability VCID-24mg-wn6a-6bew
2
vulnerability VCID-3gve-u4f4-bkht
3
vulnerability VCID-4zyq-af27-yqa4
4
vulnerability VCID-75y2-h9uk-n3a6
5
vulnerability VCID-9jb1-k32z-w7gw
6
vulnerability VCID-bfap-h1d9-33dj
7
vulnerability VCID-cv4y-g4un-ckd4
8
vulnerability VCID-f5kd-yqz2-nkcb
9
vulnerability VCID-g5u9-khw6-4kgn
10
vulnerability VCID-gtdh-mytb-t3fh
11
vulnerability VCID-hdbf-118z-2yec
12
vulnerability VCID-jc3b-m4ud-n7fw
13
vulnerability VCID-jvnf-vh29-ufdh
14
vulnerability VCID-n6uz-fe7m-uqhk
15
vulnerability VCID-nqhj-d7uw-43hd
16
vulnerability VCID-srmp-3tvp-9uhv
17
vulnerability VCID-u55w-unmd-97cm
18
vulnerability VCID-udcq-enxt-wyf1
19
vulnerability VCID-ugd8-9xzt-xbdz
20
vulnerability VCID-vugd-2jfz-23b5
21
vulnerability VCID-x3uy-7crx-2kae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie
3
url pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie
purl pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie
aliases CVE-2024-5288
risk_score 2.3
exploitability 0.5
weighted_severity 4.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xfgd-4hs3-vygk
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%3Fdistro=trixie