Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-x4hh-waed-2faz

Summary nss: Missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime causes server crash

Aliases

alias	CVE-2016-5285

Fixed_packages

url	pkg:deb/debian/nss@2:3.25-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.25-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.25-1%3Fdistro=trixie

url pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2tdh-tupa-23en

vulnerability	VCID-5dqq-xwr4-pbfv

vulnerability	VCID-gxau-xxpj-fufj

vulnerability	VCID-jd6h-m6sm-xqbt

vulnerability	VCID-mg3r-rr93-zuen

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2tdh-tupa-23en

vulnerability	VCID-5dqq-xwr4-pbfv

vulnerability	VCID-7vub-2tme-ffbs

vulnerability	VCID-gxau-xxpj-fufj

vulnerability	VCID-jd6h-m6sm-xqbt

vulnerability	VCID-mg3r-rr93-zuen

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.123.1-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.123.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.123.1-1%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.124-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.124-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.124-1%3Fdistro=trixie

url	pkg:ebuild/dev-libs/nss@3.28
purl	pkg:ebuild/dev-libs/nss@3.28
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/nss@3.28

Affected_packages

url pkg:rpm/redhat/nss@3.21.3-2?arch=el5_11

purl pkg:rpm/redhat/nss@3.21.3-2?arch=el5_11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-86dx-a3mk-9yhx

vulnerability	VCID-c3q5-juta-6qa5

vulnerability	VCID-x4hh-waed-2faz

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nss@3.21.3-2%3Farch=el5_11

url pkg:rpm/redhat/nss@3.21.3-2?arch=el6_8

purl pkg:rpm/redhat/nss@3.21.3-2?arch=el6_8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-86dx-a3mk-9yhx

vulnerability	VCID-c3q5-juta-6qa5

vulnerability	VCID-x4hh-waed-2faz

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nss@3.21.3-2%3Farch=el6_8

url pkg:rpm/redhat/nss@3.21.3-2?arch=el7_3

purl pkg:rpm/redhat/nss@3.21.3-2?arch=el7_3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-86dx-a3mk-9yhx

vulnerability	VCID-c3q5-juta-6qa5

vulnerability	VCID-x4hh-waed-2faz

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nss@3.21.3-2%3Farch=el7_3

url pkg:rpm/redhat/nss-util@3.21.3-1?arch=el6_8

purl pkg:rpm/redhat/nss-util@3.21.3-1?arch=el6_8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-86dx-a3mk-9yhx

vulnerability	VCID-c3q5-juta-6qa5

vulnerability	VCID-x4hh-waed-2faz

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nss-util@3.21.3-1%3Farch=el6_8

url pkg:rpm/redhat/nss-util@3.21.3-1.1?arch=el7_3

purl pkg:rpm/redhat/nss-util@3.21.3-1.1?arch=el7_3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-86dx-a3mk-9yhx

vulnerability	VCID-c3q5-juta-6qa5

vulnerability	VCID-x4hh-waed-2faz

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nss-util@3.21.3-1.1%3Farch=el7_3

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5285.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5285.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-5285

reference_id

reference_type

scores

value	0.01626
scoring_system	epss
scoring_elements	0.82169
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-5285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5285
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5285

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:C

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1383883
reference_id	1383883
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1383883

reference_url	https://security.gentoo.org/glsa/201701-46
reference_id	GLSA-201701-46
reference_type
scores
url	https://security.gentoo.org/glsa/201701-46

reference_url	https://access.redhat.com/errata/RHSA-2016:2779
reference_id	RHSA-2016:2779
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2779

reference_url	https://usn.ubuntu.com/3163-1/
reference_id	USN-3163-1
reference_type
scores
url	https://usn.ubuntu.com/3163-1/

Weaknesses

Exploits

Severity_range_score 7.1 - 7.5

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x4hh-waed-2faz

Vulnerability Instance