Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/18760?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18760?format=api", "vulnerability_id": "VCID-hmk7-eeaw-syfw", "summary": "Improper Check for Unusual or Exceptional Conditions\nIssue summary: Generating excessively long X9.42 DH keys or checking\nexcessively long X9.42 DH keys or parameters may be very slow.\n\nImpact summary: Applications that use the functions DH_generate_key() to\ngenerate an X9.42 DH key may experience long delays. Likewise, applications\nthat use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check()\nto check an X9.42 DH key or X9.42 DH parameters may experience long delays.\nWhere the key or parameters that are being checked have been obtained from\nan untrusted source this may lead to a Denial of Service.\n\nWhile DH_check() performs all the necessary checks (as of CVE-2023-3817),\nDH_check_pub_key() does not make any of these checks, and is therefore\nvulnerable for excessively large P and Q parameters.\n\nLikewise, while DH_generate_key() performs a check for an excessively large\nP, it does not check for an excessively large Q.\n\nAn application that calls DH_generate_key() or DH_check_pub_key() and\nsupplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nDH_generate_key() and DH_check_pub_key() are also called by a number of\nother OpenSSL functions. An application calling any of those other\nfunctions may similarly be affected. The other functions affected by this\nare DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate().\n\nAlso vulnerable are the OpenSSL pkey command line application when using the\n\"-pubcheck\" option, as well as the OpenSSL genpkey command line application.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "aliases": [ { "alias": "CVE-2023-5678" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/322210?format=api", "purl": "pkg:apk/alpine/openssl@1.1.1w-r1?arch=aarch64&distroversion=v3.16&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@1.1.1w-r1%3Farch=aarch64&distroversion=v3.16&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/322211?format=api", "purl": "pkg:apk/alpine/openssl@1.1.1w-r1?arch=armhf&distroversion=v3.16&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@1.1.1w-r1%3Farch=armhf&distroversion=v3.16&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/322212?format=api", "purl": "pkg:apk/alpine/openssl@1.1.1w-r1?arch=armv7&distroversion=v3.16&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@1.1.1w-r1%3Farch=armv7&distroversion=v3.16&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/322213?format=api", "purl": "pkg:apk/alpine/openssl@1.1.1w-r1?arch=ppc64le&distroversion=v3.16&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@1.1.1w-r1%3Farch=ppc64le&distroversion=v3.16&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/322214?format=api", "purl": "pkg:apk/alpine/openssl@1.1.1w-r1?arch=s390x&distroversion=v3.16&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@1.1.1w-r1%3Farch=s390x&distroversion=v3.16&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/322216?format=api", "purl": "pkg:apk/alpine/openssl@1.1.1w-r1?arch=x86_64&distroversion=v3.16&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@1.1.1w-r1%3Farch=x86_64&distroversion=v3.16&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/322215?format=api", "purl": "pkg:apk/alpine/openssl@1.1.1w-r1?arch=x86&distroversion=v3.16&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@1.1.1w-r1%3Farch=x86&distroversion=v3.16&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/307679?format=api", "purl": "pkg:apk/alpine/openssl@1.1.1w-r1?arch=aarch64&distroversion=v3.15&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@1.1.1w-r1%3Farch=aarch64&distroversion=v3.15&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/307680?format=api", "purl": "pkg:apk/alpine/openssl@1.1.1w-r1?arch=armhf&distroversion=v3.15&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@1.1.1w-r1%3Farch=armhf&distroversion=v3.15&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/307681?format=api", "purl": "pkg:apk/alpine/openssl@1.1.1w-r1?arch=armv7&distroversion=v3.15&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@1.1.1w-r1%3Farch=armv7&distroversion=v3.15&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/307682?format=api", "purl": "pkg:apk/alpine/openssl@1.1.1w-r1?arch=ppc64le&distroversion=v3.15&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@1.1.1w-r1%3Farch=ppc64le&distroversion=v3.15&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/307683?format=api", "purl": "pkg:apk/alpine/openssl@1.1.1w-r1?arch=s390x&distroversion=v3.15&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@1.1.1w-r1%3Farch=s390x&distroversion=v3.15&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/307685?format=api", "purl": "pkg:apk/alpine/openssl@1.1.1w-r1?arch=x86_64&distroversion=v3.15&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@1.1.1w-r1%3Farch=x86_64&distroversion=v3.15&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/307684?format=api", "purl": "pkg:apk/alpine/openssl@1.1.1w-r1?arch=x86&distroversion=v3.15&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@1.1.1w-r1%3Farch=x86&distroversion=v3.15&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/309229?format=api", "purl": "pkg:apk/alpine/openssl@3.0.12-r1?arch=aarch64&distroversion=v3.17&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.0.12-r1%3Farch=aarch64&distroversion=v3.17&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/309230?format=api", "purl": "pkg:apk/alpine/openssl@3.0.12-r1?arch=armhf&distroversion=v3.17&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.0.12-r1%3Farch=armhf&distroversion=v3.17&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/309231?format=api", "purl": "pkg:apk/alpine/openssl@3.0.12-r1?arch=armv7&distroversion=v3.17&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.0.12-r1%3Farch=armv7&distroversion=v3.17&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/309232?format=api", "purl": "pkg:apk/alpine/openssl@3.0.12-r1?arch=ppc64le&distroversion=v3.17&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.0.12-r1%3Farch=ppc64le&distroversion=v3.17&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/309233?format=api", "purl": "pkg:apk/alpine/openssl@3.0.12-r1?arch=s390x&distroversion=v3.17&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.0.12-r1%3Farch=s390x&distroversion=v3.17&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/309235?format=api", "purl": "pkg:apk/alpine/openssl@3.0.12-r1?arch=x86_64&distroversion=v3.17&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.0.12-r1%3Farch=x86_64&distroversion=v3.17&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/309234?format=api", "purl": "pkg:apk/alpine/openssl@3.0.12-r1?arch=x86&distroversion=v3.17&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.0.12-r1%3Farch=x86&distroversion=v3.17&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/376383?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=aarch64&distroversion=v3.19&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=aarch64&distroversion=v3.19&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/322525?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=aarch64&distroversion=v3.22&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=aarch64&distroversion=v3.22&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/376384?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=armhf&distroversion=v3.19&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=armhf&distroversion=v3.19&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/322526?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=armhf&distroversion=v3.22&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=armhf&distroversion=v3.22&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/376385?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=armv7&distroversion=v3.19&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=armv7&distroversion=v3.19&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/322527?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=armv7&distroversion=v3.22&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=armv7&distroversion=v3.22&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/322528?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=loongarch64&distroversion=v3.22&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=loongarch64&distroversion=v3.22&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/376386?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=ppc64le&distroversion=v3.19&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=ppc64le&distroversion=v3.19&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/322529?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=ppc64le&distroversion=v3.22&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=ppc64le&distroversion=v3.22&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/322530?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=riscv64&distroversion=v3.22&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=riscv64&distroversion=v3.22&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/376387?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=s390x&distroversion=v3.19&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=s390x&distroversion=v3.19&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/322531?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=s390x&distroversion=v3.22&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=s390x&distroversion=v3.22&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/376389?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=x86_64&distroversion=v3.19&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=x86_64&distroversion=v3.19&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/322533?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=x86_64&distroversion=v3.22&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=x86_64&distroversion=v3.22&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/376388?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=x86&distroversion=v3.19&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=x86&distroversion=v3.19&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/322532?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=x86&distroversion=v3.22&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=x86&distroversion=v3.22&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/279794?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=aarch64&distroversion=edge&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=aarch64&distroversion=edge&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/275564?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=aarch64&distroversion=v3.18&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=aarch64&distroversion=v3.18&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/279795?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=armhf&distroversion=edge&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=armhf&distroversion=edge&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/275565?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=armhf&distroversion=v3.18&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=armhf&distroversion=v3.18&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/279796?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=armv7&distroversion=edge&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=armv7&distroversion=edge&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/275566?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=armv7&distroversion=v3.18&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=armv7&distroversion=v3.18&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/279797?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=loongarch64&distroversion=edge&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=loongarch64&distroversion=edge&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/279798?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=ppc64le&distroversion=edge&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=ppc64le&distroversion=edge&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/275567?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=ppc64le&distroversion=v3.18&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=ppc64le&distroversion=v3.18&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/279799?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=riscv64&distroversion=edge&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=riscv64&distroversion=edge&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/279800?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=s390x&distroversion=edge&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=s390x&distroversion=edge&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/275568?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=s390x&distroversion=v3.18&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=s390x&distroversion=v3.18&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/279802?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=x86_64&distroversion=edge&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=x86_64&distroversion=edge&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/275570?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=x86_64&distroversion=v3.18&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=x86_64&distroversion=v3.18&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/279801?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=x86&distroversion=edge&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=x86&distroversion=edge&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/275569?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=x86&distroversion=v3.18&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=x86&distroversion=v3.18&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/232095?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=aarch64&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=aarch64&distroversion=v3.20&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/232096?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=armhf&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=armhf&distroversion=v3.20&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/232097?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=armv7&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=armv7&distroversion=v3.20&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/232098?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=ppc64le&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=ppc64le&distroversion=v3.20&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/232099?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=riscv64&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=riscv64&distroversion=v3.20&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/232100?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=s390x&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=s390x&distroversion=v3.20&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/232102?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=x86_64&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=x86_64&distroversion=v3.20&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/232101?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r1?arch=x86&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r1%3Farch=x86&distroversion=v3.20&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201327?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201328?format=api", "purl": "pkg:deb/debian/openssl@3.0.12-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.12-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201326?format=api", "purl": "pkg:deb/debian/openssl@3.0.13-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.13-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58806?format=api", "purl": "pkg:conan/openssl@3.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1kax-e29y-2qay" }, { "vulnerability": "VCID-1y34-563n-83b3" }, { "vulnerability": "VCID-4rjp-y9w5-sfak" }, { "vulnerability": "VCID-5rnh-ggk4-8bdq" }, { "vulnerability": "VCID-6vr9-d96b-t7cz" }, { "vulnerability": "VCID-77dz-3tvz-c7b8" }, { "vulnerability": "VCID-94bp-j4hm-sqb7" }, { "vulnerability": "VCID-bf5v-rz9k-9qgh" }, { "vulnerability": "VCID-fep2-jgws-6qf6" }, { "vulnerability": "VCID-hmk7-eeaw-syfw" }, { "vulnerability": "VCID-jmd8-78nq-vfg1" }, { "vulnerability": "VCID-kpk3-xbcc-jfg8" }, { "vulnerability": "VCID-m27k-yxxk-mbc6" }, { "vulnerability": "VCID-mcrj-f2ds-c3d3" }, { "vulnerability": "VCID-n7dz-yhyf-n7e7" }, { "vulnerability": "VCID-n7xs-mgeg-jued" }, { "vulnerability": "VCID-pfat-4gzk-suht" }, { "vulnerability": "VCID-pr1d-efrx-kbbr" }, { "vulnerability": "VCID-prku-34mb-d3g6" }, { "vulnerability": "VCID-ptm7-pf2v-fqdc" }, { "vulnerability": "VCID-qaht-xst5-pyh3" }, { "vulnerability": "VCID-t8ve-d7kb-tyar" }, { "vulnerability": "VCID-u3ks-ncv4-33f5" }, { "vulnerability": "VCID-u4fw-w6bp-rkdq" }, { "vulnerability": "VCID-vv2c-xvqf-cfdt" }, { "vulnerability": "VCID-yvae-9f18-n7ep" }, { "vulnerability": "VCID-znh8-j1ww-9yb4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/openssl@3.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/63183?format=api", "purl": "pkg:conan/openssl@3.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4rjp-y9w5-sfak" }, { "vulnerability": "VCID-bf5v-rz9k-9qgh" }, { "vulnerability": "VCID-hmk7-eeaw-syfw" }, { "vulnerability": "VCID-kpk3-xbcc-jfg8" }, { "vulnerability": "VCID-n7dz-yhyf-n7e7" }, { "vulnerability": "VCID-n7xs-mgeg-jued" }, { "vulnerability": "VCID-pr1d-efrx-kbbr" }, { "vulnerability": "VCID-t8ve-d7kb-tyar" }, { "vulnerability": "VCID-u3ks-ncv4-33f5" }, { "vulnerability": "VCID-u4fw-w6bp-rkdq" }, { "vulnerability": "VCID-znh8-j1ww-9yb4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/openssl@3.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/146772?format=api", "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1:1.1.1k-17?arch=el7jbcs", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hmk7-eeaw-syfw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-openssl@1:1.1.1k-17%3Farch=el7jbcs" }, { "url": "http://public2.vulnerablecode.io/api/packages/146771?format=api", "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1:1.1.1k-17?arch=el8jbcs", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hmk7-eeaw-syfw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-openssl@1:1.1.1k-17%3Farch=el8jbcs" }, { "url": "http://public2.vulnerablecode.io/api/packages/142841?format=api", "purl": "pkg:rpm/redhat/jws5-tomcat-native@1.2.31-17.redhat_17?arch=el7jws", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9248-b5q8-2bc7" }, { "vulnerability": "VCID-hmk7-eeaw-syfw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat-native@1.2.31-17.redhat_17%3Farch=el7jws" }, { "url": "http://public2.vulnerablecode.io/api/packages/142842?format=api", "purl": "pkg:rpm/redhat/jws5-tomcat-native@1.2.31-17.redhat_17?arch=el8jws", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9248-b5q8-2bc7" }, { "vulnerability": "VCID-hmk7-eeaw-syfw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat-native@1.2.31-17.redhat_17%3Farch=el8jws" }, { "url": "http://public2.vulnerablecode.io/api/packages/142840?format=api", "purl": "pkg:rpm/redhat/jws5-tomcat-native@1.2.31-17.redhat_17?arch=el9jws", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9248-b5q8-2bc7" }, { "vulnerability": "VCID-hmk7-eeaw-syfw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat-native@1.2.31-17.redhat_17%3Farch=el9jws" }, { "url": "http://public2.vulnerablecode.io/api/packages/146776?format=api", "purl": "pkg:rpm/redhat/openssl@1:1.1.1k-12?arch=el8_6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hmk7-eeaw-syfw" }, { "vulnerability": "VCID-t8ve-d7kb-tyar" }, { "vulnerability": "VCID-yvae-9f18-n7ep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openssl@1:1.1.1k-12%3Farch=el8_6" }, { "url": "http://public2.vulnerablecode.io/api/packages/146770?format=api", "purl": "pkg:rpm/redhat/openssl@1:1.1.1k-12?arch=el8_8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hmk7-eeaw-syfw" }, { "vulnerability": "VCID-t8ve-d7kb-tyar" }, { "vulnerability": "VCID-yvae-9f18-n7ep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openssl@1:1.1.1k-12%3Farch=el8_8" }, { "url": "http://public2.vulnerablecode.io/api/packages/138749?format=api", "purl": "pkg:rpm/redhat/openssl@1:1.1.1k-12?arch=el8_9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hmk7-eeaw-syfw" }, { "vulnerability": "VCID-pe4b-dxf9-2kcd" }, { "vulnerability": "VCID-t8ve-d7kb-tyar" }, { "vulnerability": "VCID-yvae-9f18-n7ep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openssl@1:1.1.1k-12%3Farch=el8_9" }, { "url": "http://public2.vulnerablecode.io/api/packages/144410?format=api", "purl": "pkg:rpm/redhat/openssl@1:3.0.7-27?arch=el9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4rjp-y9w5-sfak" }, { "vulnerability": "VCID-9ad7-pcdj-ubbc" }, { "vulnerability": "VCID-hmk7-eeaw-syfw" }, { "vulnerability": "VCID-n7xs-mgeg-jued" }, { "vulnerability": "VCID-t8ve-d7kb-tyar" }, { "vulnerability": "VCID-yvae-9f18-n7ep" }, { "vulnerability": "VCID-yyrx-r985-fycc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openssl@1:3.0.7-27%3Farch=el9" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5678.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5678.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5678", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67795", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5678" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6" }, { "reference_url": "https://www.openssl.org/news/secadv/20231106.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/" } ], "url": "https://www.openssl.org/news/secadv/20231106.txt" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055473", "reference_id": "1055473", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055473" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248616", "reference_id": "2248616", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248616" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5678", "reference_id": "CVE-2023-5678", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5678" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7877", "reference_id": "RHSA-2023:7877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0154", "reference_id": "RHSA-2024:0154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0208", "reference_id": "RHSA-2024:0208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1316", "reference_id": "RHSA-2024:1316", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1316" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1317", "reference_id": "RHSA-2024:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1318", "reference_id": "RHSA-2024:1318", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1318" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1319", "reference_id": "RHSA-2024:1319", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1319" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1325", "reference_id": "RHSA-2024:1325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2447", "reference_id": "RHSA-2024:2447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2447" }, { "reference_url": "https://usn.ubuntu.com/6622-1/", "reference_id": "USN-6622-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6622-1/" }, { "reference_url": "https://usn.ubuntu.com/6632-1/", "reference_id": "USN-6632-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6632-1/" }, { "reference_url": "https://usn.ubuntu.com/6709-1/", "reference_id": "USN-6709-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6709-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "weaknesses": [ { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 754, "name": "Improper Check for Unusual or Exceptional Conditions", "description": "The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 325, "name": "Missing Cryptographic Step", "description": "The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm." }, { "cwe_id": 606, "name": "Unchecked Input for Loop Condition", "description": "The product does not properly check inputs that are used for loop conditions, potentially leading to a denial of service or other consequences because of excessive looping." } ], "exploits": [], "severity_range_score": "5.3 - 5.3", "exploitability": "0.5", "weighted_severity": "4.8", "risk_score": 2.4, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hmk7-eeaw-syfw" }