Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/35046?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35046?format=api", "vulnerability_id": "VCID-8kj7-du9v-uugw", "summary": "HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size.", "aliases": [ { "alias": "CVE-2016-9243" }, { "alias": "GHSA-q3cj-2r34-2cwc" }, { "alias": "PYSEC-2017-8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/9834?format=api", "purl": "pkg:pypi/cryptography@1.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.5.3" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/9792?format=api", "purl": "pkg:pypi/cryptography@0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/9793?format=api", "purl": "pkg:pypi/cryptography@0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/9794?format=api", "purl": "pkg:pypi/cryptography@0.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/9795?format=api", "purl": "pkg:pypi/cryptography@0.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/9796?format=api", "purl": "pkg:pypi/cryptography@0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/9797?format=api", "purl": "pkg:pypi/cryptography@0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/9798?format=api", "purl": "pkg:pypi/cryptography@0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-78m5-9977-afbh" }, { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/9799?format=api", "purl": "pkg:pypi/cryptography@0.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/9800?format=api", "purl": "pkg:pypi/cryptography@0.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/9801?format=api", "purl": "pkg:pypi/cryptography@0.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/9802?format=api", "purl": "pkg:pypi/cryptography@0.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.5.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/9803?format=api", "purl": "pkg:pypi/cryptography@0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/9804?format=api", "purl": "pkg:pypi/cryptography@0.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/9805?format=api", "purl": "pkg:pypi/cryptography@0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/9806?format=api", "purl": "pkg:pypi/cryptography@0.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.7.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/9807?format=api", "purl": "pkg:pypi/cryptography@0.7.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.7.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/9808?format=api", "purl": "pkg:pypi/cryptography@0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-aqvw-1swj-rqdz" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/9809?format=api", "purl": "pkg:pypi/cryptography@0.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-ts7c-u8g2-rqa4" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/9810?format=api", "purl": "pkg:pypi/cryptography@0.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/9811?format=api", "purl": "pkg:pypi/cryptography@0.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/9812?format=api", "purl": "pkg:pypi/cryptography@0.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/9813?format=api", "purl": "pkg:pypi/cryptography@0.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.9.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/9814?format=api", "purl": "pkg:pypi/cryptography@0.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@0.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/9815?format=api", "purl": "pkg:pypi/cryptography@1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/9816?format=api", "purl": "pkg:pypi/cryptography@1.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/9817?format=api", "purl": "pkg:pypi/cryptography@1.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/9818?format=api", "purl": "pkg:pypi/cryptography@1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/9819?format=api", "purl": "pkg:pypi/cryptography@1.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/9820?format=api", "purl": "pkg:pypi/cryptography@1.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/9821?format=api", "purl": "pkg:pypi/cryptography@1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/9822?format=api", "purl": "pkg:pypi/cryptography@1.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/9823?format=api", "purl": "pkg:pypi/cryptography@1.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/9824?format=api", "purl": "pkg:pypi/cryptography@1.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/9825?format=api", "purl": "pkg:pypi/cryptography@1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/9826?format=api", "purl": "pkg:pypi/cryptography@1.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/9827?format=api", "purl": "pkg:pypi/cryptography@1.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/9828?format=api", "purl": "pkg:pypi/cryptography@1.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.3.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/9829?format=api", "purl": "pkg:pypi/cryptography@1.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/9830?format=api", "purl": "pkg:pypi/cryptography@1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/9831?format=api", "purl": "pkg:pypi/cryptography@1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/9832?format=api", "purl": "pkg:pypi/cryptography@1.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/9833?format=api", "purl": "pkg:pypi/cryptography@1.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8kj7-du9v-uugw" }, { "vulnerability": "VCID-jksg-v3x3-z3d3" }, { "vulnerability": "VCID-v56n-dpyv-rug7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/cryptography@1.5.2" } ], "references": [ { "reference_url": "https://cryptography.io/en/latest/changelog", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cryptography.io/en/latest/changelog" }, { "reference_url": "https://github.com/advisories/GHSA-q3cj-2r34-2cwc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-q3cj-2r34-2cwc" }, { "reference_url": "https://github.com/pyca/cryptography/commit/b924696b2e8731f39696584d12cceeb3aeb2d874", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pyca/cryptography/commit/b924696b2e8731f39696584d12cceeb3aeb2d874" }, { "reference_url": "https://github.com/pyca/cryptography/issues/3211", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pyca/cryptography/issues/3211" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R2ZOBMPWDFFHUZ6QOZZY36A6H5CGJXL/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R2ZOBMPWDFFHUZ6QOZZY36A6H5CGJXL/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U23KDR2M2N7W2ZSREG63BVW7D4VC6CIZ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U23KDR2M2N7W2ZSREG63BVW7D4VC6CIZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQ5G7KHKZC4SI23JE7277KZXM57GEQKT/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQ5G7KHKZC4SI23JE7277KZXM57GEQKT/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/11/09/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/11/09/2" }, { "reference_url": "http://www.securityfocus.com/bid/94216", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94216" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3138-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3138-1" } ], "weaknesses": [], "exploits": [], "severity_range_score": null, "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8kj7-du9v-uugw" }