Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/wolfssl@5.7.2-0.4?distro=trixie
Typedeb
Namespacedebian
Namewolfssl
Version5.7.2-0.4
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version5.8.4-1
Latest_non_vulnerable_version5.9.1-0.1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-f4gq-hqcp-dqe2
vulnerability_id VCID-f4gq-hqcp-dqe2
summary In the OpenSSL compatibility layer implementation, the function RAND_poll() was not behaving as expected and leading to the potential for predictable values returned from RAND_bytes() after fork() is called. This can lead to weak or predictable random numbers generated in applications that are both using RAND_bytes() and doing fork() operations. This only affects applications explicitly calling RAND_bytes() after fork() and does not affect any internal TLS operations. Although RAND_bytes() documentation in OpenSSL calls out not being safe for use with fork() without first calling RAND_poll(), an additional code change was also made in wolfSSL to make RAND_bytes() behave similar to OpenSSL after a fork() call without calling RAND_poll(). Now the Hash-DRBG used gets reseeded after detecting running in a new process. If making use of RAND_bytes() and calling fork() we recommend updating to the latest version of wolfSSL. Thanks to Per Allansson from Appgate for the report.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-7394
reference_id
reference_type
scores
0
value 0.00054
scoring_system epss
scoring_elements 0.16926
published_at 2026-04-02T12:55:00Z
1
value 0.0007
scoring_system epss
scoring_elements 0.21509
published_at 2026-04-12T12:55:00Z
2
value 0.0007
scoring_system epss
scoring_elements 0.21536
published_at 2026-04-09T12:55:00Z
3
value 0.0007
scoring_system epss
scoring_elements 0.21644
published_at 2026-04-04T12:55:00Z
4
value 0.0007
scoring_system epss
scoring_elements 0.21398
published_at 2026-04-07T12:55:00Z
5
value 0.0007
scoring_system epss
scoring_elements 0.21477
published_at 2026-04-08T12:55:00Z
6
value 0.0007
scoring_system epss
scoring_elements 0.21547
published_at 2026-04-11T12:55:00Z
7
value 0.00078
scoring_system epss
scoring_elements 0.23209
published_at 2026-04-21T12:55:00Z
8
value 0.00078
scoring_system epss
scoring_elements 0.2322
published_at 2026-04-13T12:55:00Z
9
value 0.00078
scoring_system epss
scoring_elements 0.23236
published_at 2026-04-16T12:55:00Z
10
value 0.00078
scoring_system epss
scoring_elements 0.23229
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-7394
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7394
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7394
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109549
reference_id 1109549
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109549
4
reference_url https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-582-july-17-2025
reference_id ChangeLog.md#wolfssl-release-582-july-17-2025
reference_type
scores
0
value 7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-21T15:00:11Z/
url https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-582-july-17-2025
fixed_packages
0
url pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15fz-hhc7-kyaa
1
vulnerability VCID-1u3q-52yd-1bhe
2
vulnerability VCID-24mg-wn6a-6bew
3
vulnerability VCID-24s5-d6jt-4kfe
4
vulnerability VCID-2ry7-trrg-gfdk
5
vulnerability VCID-3gve-u4f4-bkht
6
vulnerability VCID-47nm-nte5-27fm
7
vulnerability VCID-4zda-zrq6-hbc8
8
vulnerability VCID-4zyq-af27-yqa4
9
vulnerability VCID-6v8z-cfax-zqbh
10
vulnerability VCID-75y2-h9uk-n3a6
11
vulnerability VCID-7xbp-qkvv-bqgm
12
vulnerability VCID-8735-ectc-j7a3
13
vulnerability VCID-9hdy-aqa2-w3bd
14
vulnerability VCID-9jb1-k32z-w7gw
15
vulnerability VCID-9jpj-dfsf-qkce
16
vulnerability VCID-9jw2-3v9v-ruap
17
vulnerability VCID-9kev-ferz-5bhr
18
vulnerability VCID-9x14-2t7m-1kbm
19
vulnerability VCID-bfap-h1d9-33dj
20
vulnerability VCID-cv4y-g4un-ckd4
21
vulnerability VCID-cxhw-3w24-dkes
22
vulnerability VCID-dpu2-4w42-kygw
23
vulnerability VCID-euma-vgqx-sbau
24
vulnerability VCID-f57c-kamk-3bct
25
vulnerability VCID-f5kd-yqz2-nkcb
26
vulnerability VCID-fmtp-x6y7-83g1
27
vulnerability VCID-g5u9-khw6-4kgn
28
vulnerability VCID-gcfd-w8je-kqfm
29
vulnerability VCID-gdur-h588-vbb6
30
vulnerability VCID-gmdj-a1ys-tqc2
31
vulnerability VCID-gtdh-mytb-t3fh
32
vulnerability VCID-h6na-nxxq-5yg9
33
vulnerability VCID-hdbf-118z-2yec
34
vulnerability VCID-hk8r-kk4v-1fa7
35
vulnerability VCID-jc3b-m4ud-n7fw
36
vulnerability VCID-jvnf-vh29-ufdh
37
vulnerability VCID-jxf4-y1au-5bhw
38
vulnerability VCID-khur-3ax7-9fhb
39
vulnerability VCID-n64w-nq6a-m7bv
40
vulnerability VCID-n6uz-fe7m-uqhk
41
vulnerability VCID-njbj-f91t-b7f4
42
vulnerability VCID-nqhj-d7uw-43hd
43
vulnerability VCID-srmp-3tvp-9uhv
44
vulnerability VCID-su8x-6n42-n3d5
45
vulnerability VCID-u24a-2khf-uyba
46
vulnerability VCID-u55w-unmd-97cm
47
vulnerability VCID-udcq-enxt-wyf1
48
vulnerability VCID-ugd8-9xzt-xbdz
49
vulnerability VCID-uvht-9bt9-hfbb
50
vulnerability VCID-v3m6-zajw-bfhb
51
vulnerability VCID-vugd-2jfz-23b5
52
vulnerability VCID-x3uy-7crx-2kae
53
vulnerability VCID-xfgd-4hs3-vygk
54
vulnerability VCID-xuyn-pjpb-g7du
55
vulnerability VCID-xxkx-w5pc-5uap
56
vulnerability VCID-zhf4-y8v8-gubn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie
1
url pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15fz-hhc7-kyaa
1
vulnerability VCID-24mg-wn6a-6bew
2
vulnerability VCID-2ry7-trrg-gfdk
3
vulnerability VCID-3gve-u4f4-bkht
4
vulnerability VCID-4zda-zrq6-hbc8
5
vulnerability VCID-4zyq-af27-yqa4
6
vulnerability VCID-6v8z-cfax-zqbh
7
vulnerability VCID-75y2-h9uk-n3a6
8
vulnerability VCID-8735-ectc-j7a3
9
vulnerability VCID-9jb1-k32z-w7gw
10
vulnerability VCID-9jpj-dfsf-qkce
11
vulnerability VCID-9jw2-3v9v-ruap
12
vulnerability VCID-9kev-ferz-5bhr
13
vulnerability VCID-9x14-2t7m-1kbm
14
vulnerability VCID-bfap-h1d9-33dj
15
vulnerability VCID-cv4y-g4un-ckd4
16
vulnerability VCID-cxhw-3w24-dkes
17
vulnerability VCID-f57c-kamk-3bct
18
vulnerability VCID-f5kd-yqz2-nkcb
19
vulnerability VCID-fmtp-x6y7-83g1
20
vulnerability VCID-g5u9-khw6-4kgn
21
vulnerability VCID-gcfd-w8je-kqfm
22
vulnerability VCID-gdur-h588-vbb6
23
vulnerability VCID-gmdj-a1ys-tqc2
24
vulnerability VCID-gtdh-mytb-t3fh
25
vulnerability VCID-h6na-nxxq-5yg9
26
vulnerability VCID-hdbf-118z-2yec
27
vulnerability VCID-hk8r-kk4v-1fa7
28
vulnerability VCID-jc3b-m4ud-n7fw
29
vulnerability VCID-jvnf-vh29-ufdh
30
vulnerability VCID-jxf4-y1au-5bhw
31
vulnerability VCID-khur-3ax7-9fhb
32
vulnerability VCID-n64w-nq6a-m7bv
33
vulnerability VCID-n6uz-fe7m-uqhk
34
vulnerability VCID-njbj-f91t-b7f4
35
vulnerability VCID-nqhj-d7uw-43hd
36
vulnerability VCID-srmp-3tvp-9uhv
37
vulnerability VCID-u55w-unmd-97cm
38
vulnerability VCID-udcq-enxt-wyf1
39
vulnerability VCID-ugd8-9xzt-xbdz
40
vulnerability VCID-uvht-9bt9-hfbb
41
vulnerability VCID-v3m6-zajw-bfhb
42
vulnerability VCID-vugd-2jfz-23b5
43
vulnerability VCID-x3uy-7crx-2kae
44
vulnerability VCID-xuyn-pjpb-g7du
45
vulnerability VCID-xxkx-w5pc-5uap
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie
2
url pkg:deb/debian/wolfssl@5.7.2-0.4?distro=trixie
purl pkg:deb/debian/wolfssl@5.7.2-0.4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.4%3Fdistro=trixie
3
url pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie
purl pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15fz-hhc7-kyaa
1
vulnerability VCID-24mg-wn6a-6bew
2
vulnerability VCID-3gve-u4f4-bkht
3
vulnerability VCID-4zyq-af27-yqa4
4
vulnerability VCID-75y2-h9uk-n3a6
5
vulnerability VCID-9jb1-k32z-w7gw
6
vulnerability VCID-bfap-h1d9-33dj
7
vulnerability VCID-cv4y-g4un-ckd4
8
vulnerability VCID-f5kd-yqz2-nkcb
9
vulnerability VCID-g5u9-khw6-4kgn
10
vulnerability VCID-gtdh-mytb-t3fh
11
vulnerability VCID-hdbf-118z-2yec
12
vulnerability VCID-jc3b-m4ud-n7fw
13
vulnerability VCID-jvnf-vh29-ufdh
14
vulnerability VCID-n6uz-fe7m-uqhk
15
vulnerability VCID-nqhj-d7uw-43hd
16
vulnerability VCID-srmp-3tvp-9uhv
17
vulnerability VCID-u55w-unmd-97cm
18
vulnerability VCID-udcq-enxt-wyf1
19
vulnerability VCID-ugd8-9xzt-xbdz
20
vulnerability VCID-vugd-2jfz-23b5
21
vulnerability VCID-x3uy-7crx-2kae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie
4
url pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie
purl pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie
aliases CVE-2025-7394
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f4gq-hqcp-dqe2
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.4%3Fdistro=trixie