Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/239401?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/239401?format=api", "vulnerability_id": "VCID-9ad7-pcdj-ubbc", "summary": "", "aliases": [ { "alias": "CVE-2023-6237" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/328054?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=aarch64&distroversion=v3.18&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=aarch64&distroversion=v3.18&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/409019?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=aarch64&distroversion=v3.19&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=aarch64&distroversion=v3.19&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/336421?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=aarch64&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=aarch64&distroversion=v3.20&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/329877?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=aarch64&distroversion=v3.22&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=aarch64&distroversion=v3.22&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/328055?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=armhf&distroversion=v3.18&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=armhf&distroversion=v3.18&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/409020?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=armhf&distroversion=v3.19&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=armhf&distroversion=v3.19&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/336422?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=armhf&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=armhf&distroversion=v3.20&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/329878?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=armhf&distroversion=v3.22&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=armhf&distroversion=v3.22&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/328056?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=armv7&distroversion=v3.18&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=armv7&distroversion=v3.18&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/409021?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=armv7&distroversion=v3.19&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=armv7&distroversion=v3.19&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/336423?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=armv7&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=armv7&distroversion=v3.20&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/329879?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=armv7&distroversion=v3.22&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=armv7&distroversion=v3.22&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/329880?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=loongarch64&distroversion=v3.22&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=loongarch64&distroversion=v3.22&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/328057?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=ppc64le&distroversion=v3.18&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=ppc64le&distroversion=v3.18&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/409022?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=ppc64le&distroversion=v3.19&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=ppc64le&distroversion=v3.19&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/336424?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=ppc64le&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=ppc64le&distroversion=v3.20&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/329881?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=ppc64le&distroversion=v3.22&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=ppc64le&distroversion=v3.22&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/336425?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=riscv64&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=riscv64&distroversion=v3.20&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/329882?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=riscv64&distroversion=v3.22&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=riscv64&distroversion=v3.22&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/328058?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=s390x&distroversion=v3.18&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=s390x&distroversion=v3.18&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/409023?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=s390x&distroversion=v3.19&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=s390x&distroversion=v3.19&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/336426?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=s390x&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=s390x&distroversion=v3.20&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/329883?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=s390x&distroversion=v3.22&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=s390x&distroversion=v3.22&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/328060?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=x86_64&distroversion=v3.18&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=x86_64&distroversion=v3.18&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/409025?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=x86_64&distroversion=v3.19&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=x86_64&distroversion=v3.19&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/336428?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=x86_64&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=x86_64&distroversion=v3.20&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/329885?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=x86_64&distroversion=v3.22&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=x86_64&distroversion=v3.22&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/328059?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=x86&distroversion=v3.18&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=x86&distroversion=v3.18&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/409024?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=x86&distroversion=v3.19&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=x86&distroversion=v3.19&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/336427?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=x86&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=x86&distroversion=v3.20&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/329884?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=x86&distroversion=v3.22&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=x86&distroversion=v3.22&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/228409?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=aarch64&distroversion=v3.23&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=aarch64&distroversion=v3.23&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/228410?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=armhf&distroversion=v3.23&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=armhf&distroversion=v3.23&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/228411?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=armv7&distroversion=v3.23&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=armv7&distroversion=v3.23&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/228412?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=loongarch64&distroversion=v3.23&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=loongarch64&distroversion=v3.23&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/228413?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=ppc64le&distroversion=v3.23&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=ppc64le&distroversion=v3.23&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/228414?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=riscv64&distroversion=v3.23&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=riscv64&distroversion=v3.23&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/228415?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=s390x&distroversion=v3.23&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=s390x&distroversion=v3.23&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/228417?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=x86_64&distroversion=v3.23&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=x86_64&distroversion=v3.23&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/228416?format=api", "purl": "pkg:apk/alpine/openssl@3.1.4-r4?arch=x86&distroversion=v3.23&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.4-r4%3Farch=x86&distroversion=v3.23&reponame=main" }, { "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api", "purl": "pkg:deb/debian/openssl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api", "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7y4x-nrsa-mbb3" }, { "vulnerability": "VCID-a6ex-h8k7-8fbx" }, { "vulnerability": "VCID-cccj-zqe2-1bbw" }, { "vulnerability": "VCID-mnvc-6qng-ufbb" }, { "vulnerability": "VCID-q64m-j51z-6fhu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201326?format=api", "purl": "pkg:deb/debian/openssl@3.0.13-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.13-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api", "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cccj-zqe2-1bbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201329?format=api", "purl": "pkg:deb/debian/openssl@3.1.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.1.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api", "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api", "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/138939?format=api", "purl": "pkg:rpm/redhat/edk2@20240524-6?arch=el9_5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9ad7-pcdj-ubbc" }, { "vulnerability": "VCID-jwh4-skkx-b7g6" }, { "vulnerability": "VCID-n7xs-mgeg-jued" }, { "vulnerability": "VCID-yyrx-r985-fycc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/edk2@20240524-6%3Farch=el9_5" }, { "url": "http://public2.vulnerablecode.io/api/packages/144410?format=api", "purl": "pkg:rpm/redhat/openssl@1:3.0.7-27?arch=el9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4rjp-y9w5-sfak" }, { "vulnerability": "VCID-9ad7-pcdj-ubbc" }, { "vulnerability": "VCID-hmk7-eeaw-syfw" }, { "vulnerability": "VCID-n7xs-mgeg-jued" }, { "vulnerability": "VCID-t8ve-d7kb-tyar" }, { "vulnerability": "VCID-yvae-9f18-n7ep" }, { "vulnerability": "VCID-yyrx-r985-fycc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openssl@1:3.0.7-27%3Farch=el9" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6237.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6237.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6237", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76925", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6237" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/openssl/openssl/commit/0b0f7abfb37350794a4b8960fafc292cd5d1b84d", "reference_id": "0b0f7abfb37350794a4b8960fafc292cd5d1b84d", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-20T14:44:52Z/" } ], "url": "https://github.com/openssl/openssl/commit/0b0f7abfb37350794a4b8960fafc292cd5d1b84d" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060858", "reference_id": "1060858", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060858" }, { "reference_url": "https://github.com/openssl/openssl/commit/18c02492138d1eb8b6548cb26e7b625fb2414a2a", "reference_id": "18c02492138d1eb8b6548cb26e7b625fb2414a2a", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-20T14:44:52Z/" } ], "url": "https://github.com/openssl/openssl/commit/18c02492138d1eb8b6548cb26e7b625fb2414a2a" }, { "reference_url": "https://www.openssl.org/news/secadv/20240115.txt", "reference_id": "20240115.txt", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-20T14:44:52Z/" } ], "url": "https://www.openssl.org/news/secadv/20240115.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258502", "reference_id": "2258502", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258502" }, { "reference_url": "https://github.com/openssl/openssl/commit/a830f551557d3d66a84bbb18a5b889c640c36294", "reference_id": "a830f551557d3d66a84bbb18a5b889c640c36294", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-20T14:44:52Z/" } ], "url": "https://github.com/openssl/openssl/commit/a830f551557d3d66a84bbb18a5b889c640c36294" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2447", "reference_id": "RHSA-2024:2447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2447" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9088", "reference_id": "RHSA-2024:9088", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9088" }, { "reference_url": "https://usn.ubuntu.com/6622-1/", "reference_id": "USN-6622-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6622-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "weaknesses": [ { "cwe_id": 400, "name": "Uncontrolled Resource Consumption", "description": "The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources." }, { "cwe_id": 606, "name": "Unchecked Input for Loop Condition", "description": "The product does not properly check inputs that are used for loop conditions, potentially leading to a denial of service or other consequences because of excessive looping." } ], "exploits": [], "severity_range_score": "5.9 - 5.9", "exploitability": "0.5", "weighted_severity": "5.3", "risk_score": 2.6, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ad7-pcdj-ubbc" }