Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/openssl@3.0.14-1~deb12u1
Typedeb
Namespacedebian
Nameopenssl
Version3.0.14-1~deb12u1
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3.0.19-1~deb12u2
Latest_non_vulnerable_version4.0.0~alpha1-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-6mua-rkdu-87ay
vulnerability_id VCID-6mua-rkdu-87ay
summary openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68160.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68160.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68160
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06359
published_at 2026-04-04T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06326
published_at 2026-04-02T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07798
published_at 2026-04-13T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07753
published_at 2026-04-07T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07812
published_at 2026-04-08T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07829
published_at 2026-04-09T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07824
published_at 2026-04-11T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07811
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68160
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://openssl-library.org/news/secadv/20260127.txt
reference_id 20260127.txt
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:04:54Z/
url https://openssl-library.org/news/secadv/20260127.txt
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2430380
reference_id 2430380
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2430380
6
reference_url https://github.com/openssl/openssl/commit/384011202af92605d926fafe4a0bcd6b65d162ad
reference_id 384011202af92605d926fafe4a0bcd6b65d162ad
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:04:54Z/
url https://github.com/openssl/openssl/commit/384011202af92605d926fafe4a0bcd6b65d162ad
7
reference_url https://github.com/openssl/openssl/commit/475c466ef2fbd8fc1df6fae1c3eed9c813fc8ff6
reference_id 475c466ef2fbd8fc1df6fae1c3eed9c813fc8ff6
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:04:54Z/
url https://github.com/openssl/openssl/commit/475c466ef2fbd8fc1df6fae1c3eed9c813fc8ff6
8
reference_url https://github.com/openssl/openssl/commit/4c96fbba618e1940f038012506ee9e21d32ee12c
reference_id 4c96fbba618e1940f038012506ee9e21d32ee12c
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:04:54Z/
url https://github.com/openssl/openssl/commit/4c96fbba618e1940f038012506ee9e21d32ee12c
9
reference_url https://github.com/openssl/openssl/commit/6845c3b6460a98b1ec4e463baa2ea1a63a32d7c0
reference_id 6845c3b6460a98b1ec4e463baa2ea1a63a32d7c0
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:04:54Z/
url https://github.com/openssl/openssl/commit/6845c3b6460a98b1ec4e463baa2ea1a63a32d7c0
10
reference_url https://github.com/openssl/openssl/commit/68a7cd2e2816c3a02f4d45a2ce43fc04fac97096
reference_id 68a7cd2e2816c3a02f4d45a2ce43fc04fac97096
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:04:54Z/
url https://github.com/openssl/openssl/commit/68a7cd2e2816c3a02f4d45a2ce43fc04fac97096
11
reference_url https://access.redhat.com/errata/RHSA-2026:1472
reference_id RHSA-2026:1472
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1472
12
reference_url https://access.redhat.com/errata/RHSA-2026:1473
reference_id RHSA-2026:1473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1473
13
reference_url https://access.redhat.com/errata/RHSA-2026:1736
reference_id RHSA-2026:1736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1736
14
reference_url https://access.redhat.com/errata/RHSA-2026:2485
reference_id RHSA-2026:2485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2485
15
reference_url https://access.redhat.com/errata/RHSA-2026:2563
reference_id RHSA-2026:2563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2563
16
reference_url https://access.redhat.com/errata/RHSA-2026:3228
reference_id RHSA-2026:3228
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3228
17
reference_url https://access.redhat.com/errata/RHSA-2026:4943
reference_id RHSA-2026:4943
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4943
18
reference_url https://usn.ubuntu.com/7980-1/
reference_id USN-7980-1
reference_type
scores
url https://usn.ubuntu.com/7980-1/
19
reference_url https://usn.ubuntu.com/7980-2/
reference_id USN-7980-2
reference_type
scores
url https://usn.ubuntu.com/7980-2/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
aliases CVE-2025-68160
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6mua-rkdu-87ay
1
url VCID-7xwq-vdej-ayg1
vulnerability_id VCID-7xwq-vdej-ayg1
summary openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22796.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22796.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22796
reference_id
reference_type
scores
0
value 0.00112
scoring_system epss
scoring_elements 0.29759
published_at 2026-04-04T12:55:00Z
1
value 0.00112
scoring_system epss
scoring_elements 0.29708
published_at 2026-04-02T12:55:00Z
2
value 0.00117
scoring_system epss
scoring_elements 0.30333
published_at 2026-04-13T12:55:00Z
3
value 0.00117
scoring_system epss
scoring_elements 0.30329
published_at 2026-04-07T12:55:00Z
4
value 0.00117
scoring_system epss
scoring_elements 0.30388
published_at 2026-04-08T12:55:00Z
5
value 0.00117
scoring_system epss
scoring_elements 0.30423
published_at 2026-04-09T12:55:00Z
6
value 0.00117
scoring_system epss
scoring_elements 0.30425
published_at 2026-04-11T12:55:00Z
7
value 0.00117
scoring_system epss
scoring_elements 0.30381
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22796
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://openssl-library.org/news/secadv/20260127.txt
reference_id 20260127.txt
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-27T16:27:50Z/
url https://openssl-library.org/news/secadv/20260127.txt
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2430390
reference_id 2430390
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2430390
6
reference_url https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4
reference_id 2502e7b7d4c0cf4f972a881641fe09edc67aeec4
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-27T16:27:50Z/
url https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4
7
reference_url https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49
reference_id 572844beca95068394c916626a6d3a490f831a49
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-27T16:27:50Z/
url https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49
8
reference_url https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12
reference_id 7bbca05be55b129651d9df4bdb92becc45002c12
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-27T16:27:50Z/
url https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12
9
reference_url https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e
reference_id eeee3cbd4d682095ed431052f00403004596373e
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-27T16:27:50Z/
url https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e
10
reference_url https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2
reference_id ef2fb66ec571564d64d1c74a12e388a2a54d05d2
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-27T16:27:50Z/
url https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2
11
reference_url https://access.redhat.com/errata/RHSA-2026:1472
reference_id RHSA-2026:1472
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1472
12
reference_url https://access.redhat.com/errata/RHSA-2026:1473
reference_id RHSA-2026:1473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1473
13
reference_url https://access.redhat.com/errata/RHSA-2026:1736
reference_id RHSA-2026:1736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1736
14
reference_url https://access.redhat.com/errata/RHSA-2026:2485
reference_id RHSA-2026:2485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2485
15
reference_url https://access.redhat.com/errata/RHSA-2026:2563
reference_id RHSA-2026:2563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2563
16
reference_url https://access.redhat.com/errata/RHSA-2026:3228
reference_id RHSA-2026:3228
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3228
17
reference_url https://access.redhat.com/errata/RHSA-2026:4943
reference_id RHSA-2026:4943
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4943
18
reference_url https://usn.ubuntu.com/7980-1/
reference_id USN-7980-1
reference_type
scores
url https://usn.ubuntu.com/7980-1/
19
reference_url https://usn.ubuntu.com/7980-2/
reference_id USN-7980-2
reference_type
scores
url https://usn.ubuntu.com/7980-2/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
aliases CVE-2026-22796
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7xwq-vdej-ayg1
2
url VCID-87vs-4p6w-xbgq
vulnerability_id VCID-87vs-4p6w-xbgq
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31789.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31789.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31789
reference_id
reference_type
scores
0
value 0.00011
scoring_system epss
scoring_elements 0.01203
published_at 2026-04-08T12:55:00Z
1
value 0.00011
scoring_system epss
scoring_elements 0.01206
published_at 2026-04-09T12:55:00Z
2
value 0.00012
scoring_system epss
scoring_elements 0.0157
published_at 2026-04-13T12:55:00Z
3
value 9e-05
scoring_system epss
scoring_elements 0.00889
published_at 2026-04-11T12:55:00Z
4
value 9e-05
scoring_system epss
scoring_elements 0.00883
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31789
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31789
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31789
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://openssl-library.org/news/secadv/20260407.txt
reference_id 20260407.txt
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/
url https://openssl-library.org/news/secadv/20260407.txt
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451095
reference_id 2451095
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451095
6
reference_url https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde
reference_id 364f095b80601db632b0def6a33316967f863bde
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/
url https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde
7
reference_url https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf
reference_id 7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/
url https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf
8
reference_url https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49
reference_id 945b935ac66cc7f1a41f1b849c7c25adb5351f49
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/
url https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49
9
reference_url https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9
reference_id a24216018e1ede8ff01a4ff5afff7dfbd443e2f9
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/
url https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9
10
reference_url https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521
reference_id a91e537d16d74050dbde50bb0dfb1fe9930f0521
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/
url https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521
11
reference_url https://usn.ubuntu.com/8155-1/
reference_id USN-8155-1
reference_type
scores
url https://usn.ubuntu.com/8155-1/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
1
url pkg:deb/debian/openssl@3.6.2-1
purl pkg:deb/debian/openssl@3.6.2-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1
2
url pkg:deb/debian/openssl@4.0.0~alpha1-1
purl pkg:deb/debian/openssl@4.0.0~alpha1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@4.0.0~alpha1-1
aliases CVE-2026-31789
risk_score 1.8
exploitability 0.5
weighted_severity 3.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-87vs-4p6w-xbgq
3
url VCID-8gde-1md7-5yak
vulnerability_id VCID-8gde-1md7-5yak
summary OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable to a Minerva attack, exploitable by measuring the time of signing of random messages using the EVP_DigestSign API, and then using the private key to extract the K value (nonce) from the signatures. Next, based on the bit size of the extracted nonce, one can compare the signing time of full-sized nonces to signatures that used smaller nonces, via statistical tests. There is a side-channel in the P-364 curve that allows private key extraction (also, there is a dependency between the bit size of K and the size of the side channel). NOTE: This CVE is disputed because the OpenSSL security policy explicitly notes that any side channels which require same physical system to be detected are outside of the threat model for the software. The timing signal is so small that it is infeasible to be detected without having the attacking process running on the same physical system.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-27587
reference_id
reference_type
scores
0
value 0.00078
scoring_system epss
scoring_elements 0.23308
published_at 2026-04-04T12:55:00Z
1
value 0.00078
scoring_system epss
scoring_elements 0.23265
published_at 2026-04-02T12:55:00Z
2
value 0.00078
scoring_system epss
scoring_elements 0.23244
published_at 2026-04-11T12:55:00Z
3
value 0.00078
scoring_system epss
scoring_elements 0.23223
published_at 2026-04-09T12:55:00Z
4
value 0.00078
scoring_system epss
scoring_elements 0.23172
published_at 2026-04-08T12:55:00Z
5
value 0.00078
scoring_system epss
scoring_elements 0.23098
published_at 2026-04-07T12:55:00Z
6
value 0.00224
scoring_system epss
scoring_elements 0.45102
published_at 2026-04-13T12:55:00Z
7
value 0.00224
scoring_system epss
scoring_elements 0.451
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-27587
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27587
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27587
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/openssl/openssl/issues/24253
reference_id 24253
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-26T16:16:27Z/
url https://github.com/openssl/openssl/issues/24253
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
1
url pkg:deb/debian/openssl@3.0.19-1~deb12u1
purl pkg:deb/debian/openssl@3.0.19-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.19-1~deb12u1
2
url pkg:deb/debian/openssl@3.0.19-1~deb12u2
purl pkg:deb/debian/openssl@3.0.19-1~deb12u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.19-1~deb12u2
aliases CVE-2025-27587
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8gde-1md7-5yak
4
url VCID-antn-nu5a-7yf6
vulnerability_id VCID-antn-nu5a-7yf6
summary openssl: OpenSSL: Denial of Service via malformed TimeStamp Response
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69420.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69420.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-69420
reference_id
reference_type
scores
0
value 0.0029
scoring_system epss
scoring_elements 0.52364
published_at 2026-04-04T12:55:00Z
1
value 0.0029
scoring_system epss
scoring_elements 0.52336
published_at 2026-04-02T12:55:00Z
2
value 0.00303
scoring_system epss
scoring_elements 0.53576
published_at 2026-04-13T12:55:00Z
3
value 0.00303
scoring_system epss
scoring_elements 0.53515
published_at 2026-04-07T12:55:00Z
4
value 0.00303
scoring_system epss
scoring_elements 0.53565
published_at 2026-04-08T12:55:00Z
5
value 0.00303
scoring_system epss
scoring_elements 0.53561
published_at 2026-04-09T12:55:00Z
6
value 0.00303
scoring_system epss
scoring_elements 0.53611
published_at 2026-04-11T12:55:00Z
7
value 0.00303
scoring_system epss
scoring_elements 0.53594
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-69420
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://openssl-library.org/news/secadv/20260127.txt
reference_id 20260127.txt
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T19:33:06Z/
url https://openssl-library.org/news/secadv/20260127.txt
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2430388
reference_id 2430388
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2430388
6
reference_url https://github.com/openssl/openssl/commit/27c7012c91cc986a598d7540f3079dfde2416eb9
reference_id 27c7012c91cc986a598d7540f3079dfde2416eb9
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T19:33:06Z/
url https://github.com/openssl/openssl/commit/27c7012c91cc986a598d7540f3079dfde2416eb9
7
reference_url https://github.com/openssl/openssl/commit/4e254b48ad93cc092be3dd62d97015f33f73133a
reference_id 4e254b48ad93cc092be3dd62d97015f33f73133a
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T19:33:06Z/
url https://github.com/openssl/openssl/commit/4e254b48ad93cc092be3dd62d97015f33f73133a
8
reference_url https://github.com/openssl/openssl/commit/564fd9c73787f25693bf9e75faf7bf6bb1305d4e
reference_id 564fd9c73787f25693bf9e75faf7bf6bb1305d4e
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T19:33:06Z/
url https://github.com/openssl/openssl/commit/564fd9c73787f25693bf9e75faf7bf6bb1305d4e
9
reference_url https://github.com/openssl/openssl/commit/5eb0770ffcf11b785cf374ff3c19196245e54f1b
reference_id 5eb0770ffcf11b785cf374ff3c19196245e54f1b
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T19:33:06Z/
url https://github.com/openssl/openssl/commit/5eb0770ffcf11b785cf374ff3c19196245e54f1b
10
reference_url https://github.com/openssl/openssl/commit/a99349ebfc519999edc50620abe24d599b9eb085
reference_id a99349ebfc519999edc50620abe24d599b9eb085
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T19:33:06Z/
url https://github.com/openssl/openssl/commit/a99349ebfc519999edc50620abe24d599b9eb085
11
reference_url https://access.redhat.com/errata/RHSA-2026:1472
reference_id RHSA-2026:1472
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1472
12
reference_url https://access.redhat.com/errata/RHSA-2026:1473
reference_id RHSA-2026:1473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1473
13
reference_url https://access.redhat.com/errata/RHSA-2026:1736
reference_id RHSA-2026:1736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1736
14
reference_url https://access.redhat.com/errata/RHSA-2026:2485
reference_id RHSA-2026:2485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2485
15
reference_url https://access.redhat.com/errata/RHSA-2026:2563
reference_id RHSA-2026:2563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2563
16
reference_url https://access.redhat.com/errata/RHSA-2026:3228
reference_id RHSA-2026:3228
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3228
17
reference_url https://access.redhat.com/errata/RHSA-2026:4943
reference_id RHSA-2026:4943
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4943
18
reference_url https://usn.ubuntu.com/7980-1/
reference_id USN-7980-1
reference_type
scores
url https://usn.ubuntu.com/7980-1/
19
reference_url https://usn.ubuntu.com/7980-2/
reference_id USN-7980-2
reference_type
scores
url https://usn.ubuntu.com/7980-2/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
aliases CVE-2025-69420
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-antn-nu5a-7yf6
5
url VCID-bfv6-sbnh-5uh5
vulnerability_id VCID-bfv6-sbnh-5uh5
summary openssl: SSL_select_next_proto buffer overread
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5535.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5535.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-5535
reference_id
reference_type
scores
0
value 0.0505
scoring_system epss
scoring_elements 0.89749
published_at 2026-04-07T12:55:00Z
1
value 0.0505
scoring_system epss
scoring_elements 0.89767
published_at 2026-04-08T12:55:00Z
2
value 0.05181
scoring_system epss
scoring_elements 0.89911
published_at 2026-04-13T12:55:00Z
3
value 0.05181
scoring_system epss
scoring_elements 0.89872
published_at 2026-04-02T12:55:00Z
4
value 0.05181
scoring_system epss
scoring_elements 0.89885
published_at 2026-04-04T12:55:00Z
5
value 0.05181
scoring_system epss
scoring_elements 0.89912
published_at 2026-04-09T12:55:00Z
6
value 0.05181
scoring_system epss
scoring_elements 0.8992
published_at 2026-04-11T12:55:00Z
7
value 0.05181
scoring_system epss
scoring_elements 0.89918
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-5535
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074487
reference_id 1074487
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074487
5
reference_url https://www.openssl.org/news/secadv/20240627.txt
reference_id 20240627.txt
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/
url https://www.openssl.org/news/secadv/20240627.txt
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2294581
reference_id 2294581
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2294581
7
reference_url https://github.com/openssl/openssl/commit/4ada436a1946cbb24db5ab4ca082b69c1bc10f37
reference_id 4ada436a1946cbb24db5ab4ca082b69c1bc10f37
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/
url https://github.com/openssl/openssl/commit/4ada436a1946cbb24db5ab4ca082b69c1bc10f37
8
reference_url https://github.openssl.org/openssl/extended-releases/commit/9947251413065a05189a63c9b7a6c1d4e224c21c
reference_id 9947251413065a05189a63c9b7a6c1d4e224c21c
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/
url https://github.openssl.org/openssl/extended-releases/commit/9947251413065a05189a63c9b7a6c1d4e224c21c
9
reference_url https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e
reference_id 99fb785a5f85315b95288921a321a935ea29a51e
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/
url https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e
10
reference_url https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87
reference_id b78ec0824da857223486660177d3b1f255c65d87
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/
url https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87
11
reference_url https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c
reference_id cf6f91f6121f4db167405db2f0de410a456f260c
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/
url https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c
12
reference_url https://github.com/openssl/openssl/commit/e86ac436f0bd54d4517745483e2315650fae7b2c
reference_id e86ac436f0bd54d4517745483e2315650fae7b2c
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T13:50:16Z/
url https://github.com/openssl/openssl/commit/e86ac436f0bd54d4517745483e2315650fae7b2c
13
reference_url https://access.redhat.com/errata/RHSA-2024:7846
reference_id RHSA-2024:7846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7846
14
reference_url https://access.redhat.com/errata/RHSA-2024:7847
reference_id RHSA-2024:7847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7847
15
reference_url https://access.redhat.com/errata/RHSA-2024:7848
reference_id RHSA-2024:7848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7848
16
reference_url https://access.redhat.com/errata/RHSA-2024:9333
reference_id RHSA-2024:9333
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9333
17
reference_url https://access.redhat.com/errata/RHSA-2025:1671
reference_id RHSA-2025:1671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1671
18
reference_url https://access.redhat.com/errata/RHSA-2025:1673
reference_id RHSA-2025:1673
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1673
19
reference_url https://access.redhat.com/errata/RHSA-2025:3452
reference_id RHSA-2025:3452
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3452
20
reference_url https://access.redhat.com/errata/RHSA-2025:3453
reference_id RHSA-2025:3453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3453
21
reference_url https://access.redhat.com/errata/RHSA-2025:3666
reference_id RHSA-2025:3666
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3666
22
reference_url https://usn.ubuntu.com/6937-1/
reference_id USN-6937-1
reference_type
scores
url https://usn.ubuntu.com/6937-1/
23
reference_url https://usn.ubuntu.com/7894-1/
reference_id USN-7894-1
reference_type
scores
url https://usn.ubuntu.com/7894-1/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
aliases CVE-2024-5535
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bfv6-sbnh-5uh5
6
url VCID-cef8-2p5t-bff7
vulnerability_id VCID-cef8-2p5t-bff7
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31790.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31790.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31790
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01498
published_at 2026-04-08T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04587
published_at 2026-04-12T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04603
published_at 2026-04-11T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.0568
published_at 2026-04-09T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06358
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31790
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31790
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac
reference_id 001e01db3e996e13ffc72386fe79d03a6683b5ac
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/
url https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac
5
reference_url https://openssl-library.org/news/secadv/20260407.txt
reference_id 20260407.txt
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/
url https://openssl-library.org/news/secadv/20260407.txt
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451094
reference_id 2451094
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451094
7
reference_url https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482
reference_id abd8b2eec7e3f3fda60ecfb68498b246b52af482
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/
url https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482
8
reference_url https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406
reference_id b922e24e5b23ffb9cb9e14cadff23d91e9f7e406
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/
url https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406
9
reference_url https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790
reference_id d5f8e71cd0a54e961d0c3b174348f8308486f790
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/
url https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790
10
reference_url https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e
reference_id eed200f58cd8645ed77e46b7e9f764e284df379e
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/
url https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e
11
reference_url https://usn.ubuntu.com/8155-1/
reference_id USN-8155-1
reference_type
scores
url https://usn.ubuntu.com/8155-1/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
1
url pkg:deb/debian/openssl@3.6.2-1
purl pkg:deb/debian/openssl@3.6.2-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1
2
url pkg:deb/debian/openssl@4.0.0~alpha1-1
purl pkg:deb/debian/openssl@4.0.0~alpha1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@4.0.0~alpha1-1
aliases CVE-2026-31790
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cef8-2p5t-bff7
7
url VCID-chgr-9utt-kqbp
vulnerability_id VCID-chgr-9utt-kqbp
summary openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69419.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69419.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-69419
reference_id
reference_type
scores
0
value 0.0006
scoring_system epss
scoring_elements 0.19079
published_at 2026-04-04T12:55:00Z
1
value 0.0006
scoring_system epss
scoring_elements 0.19027
published_at 2026-04-02T12:55:00Z
2
value 0.00063
scoring_system epss
scoring_elements 0.19551
published_at 2026-04-13T12:55:00Z
3
value 0.00063
scoring_system epss
scoring_elements 0.19521
published_at 2026-04-07T12:55:00Z
4
value 0.00063
scoring_system epss
scoring_elements 0.19602
published_at 2026-04-08T12:55:00Z
5
value 0.00063
scoring_system epss
scoring_elements 0.19654
published_at 2026-04-09T12:55:00Z
6
value 0.00063
scoring_system epss
scoring_elements 0.19659
published_at 2026-04-11T12:55:00Z
7
value 0.00063
scoring_system epss
scoring_elements 0.1961
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-69419
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://openssl-library.org/news/secadv/20260127.txt
reference_id 20260127.txt
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T15:09:04Z/
url https://openssl-library.org/news/secadv/20260127.txt
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2430386
reference_id 2430386
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2430386
6
reference_url https://github.com/openssl/openssl/commit/41be0f216404f14457bbf3b9cc488dba60b49296
reference_id 41be0f216404f14457bbf3b9cc488dba60b49296
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T15:09:04Z/
url https://github.com/openssl/openssl/commit/41be0f216404f14457bbf3b9cc488dba60b49296
7
reference_url https://github.com/openssl/openssl/commit/7e9cac9832e4705b91987c2474ed06a37a93cecb
reference_id 7e9cac9832e4705b91987c2474ed06a37a93cecb
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T15:09:04Z/
url https://github.com/openssl/openssl/commit/7e9cac9832e4705b91987c2474ed06a37a93cecb
8
reference_url https://github.com/openssl/openssl/commit/a26a90d38edec3748566129d824e664b54bee2e2
reference_id a26a90d38edec3748566129d824e664b54bee2e2
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T15:09:04Z/
url https://github.com/openssl/openssl/commit/a26a90d38edec3748566129d824e664b54bee2e2
9
reference_url https://github.com/openssl/openssl/commit/cda12de3bc0e333ea8d2c6fd15001dbdaf280015
reference_id cda12de3bc0e333ea8d2c6fd15001dbdaf280015
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T15:09:04Z/
url https://github.com/openssl/openssl/commit/cda12de3bc0e333ea8d2c6fd15001dbdaf280015
10
reference_url https://github.com/openssl/openssl/commit/ff628933755075446bca8307e8417c14d164b535
reference_id ff628933755075446bca8307e8417c14d164b535
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T15:09:04Z/
url https://github.com/openssl/openssl/commit/ff628933755075446bca8307e8417c14d164b535
11
reference_url https://access.redhat.com/errata/RHSA-2026:1472
reference_id RHSA-2026:1472
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1472
12
reference_url https://access.redhat.com/errata/RHSA-2026:1473
reference_id RHSA-2026:1473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1473
13
reference_url https://access.redhat.com/errata/RHSA-2026:1496
reference_id RHSA-2026:1496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1496
14
reference_url https://access.redhat.com/errata/RHSA-2026:1503
reference_id RHSA-2026:1503
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1503
15
reference_url https://access.redhat.com/errata/RHSA-2026:1519
reference_id RHSA-2026:1519
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1519
16
reference_url https://access.redhat.com/errata/RHSA-2026:1594
reference_id RHSA-2026:1594
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1594
17
reference_url https://access.redhat.com/errata/RHSA-2026:1733
reference_id RHSA-2026:1733
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1733
18
reference_url https://access.redhat.com/errata/RHSA-2026:1736
reference_id RHSA-2026:1736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1736
19
reference_url https://access.redhat.com/errata/RHSA-2026:2485
reference_id RHSA-2026:2485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2485
20
reference_url https://access.redhat.com/errata/RHSA-2026:2563
reference_id RHSA-2026:2563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2563
21
reference_url https://access.redhat.com/errata/RHSA-2026:2994
reference_id RHSA-2026:2994
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2994
22
reference_url https://access.redhat.com/errata/RHSA-2026:2995
reference_id RHSA-2026:2995
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2995
23
reference_url https://access.redhat.com/errata/RHSA-2026:3042
reference_id RHSA-2026:3042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3042
24
reference_url https://access.redhat.com/errata/RHSA-2026:3228
reference_id RHSA-2026:3228
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3228
25
reference_url https://access.redhat.com/errata/RHSA-2026:3364
reference_id RHSA-2026:3364
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3364
26
reference_url https://access.redhat.com/errata/RHSA-2026:3437
reference_id RHSA-2026:3437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3437
27
reference_url https://access.redhat.com/errata/RHSA-2026:3861
reference_id RHSA-2026:3861
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3861
28
reference_url https://access.redhat.com/errata/RHSA-2026:4163
reference_id RHSA-2026:4163
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4163
29
reference_url https://access.redhat.com/errata/RHSA-2026:4214
reference_id RHSA-2026:4214
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4214
30
reference_url https://access.redhat.com/errata/RHSA-2026:4472
reference_id RHSA-2026:4472
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4472
31
reference_url https://access.redhat.com/errata/RHSA-2026:4824
reference_id RHSA-2026:4824
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4824
32
reference_url https://access.redhat.com/errata/RHSA-2026:4825
reference_id RHSA-2026:4825
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4825
33
reference_url https://access.redhat.com/errata/RHSA-2026:4943
reference_id RHSA-2026:4943
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4943
34
reference_url https://access.redhat.com/errata/RHSA-2026:5214
reference_id RHSA-2026:5214
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5214
35
reference_url https://access.redhat.com/errata/RHSA-2026:5217
reference_id RHSA-2026:5217
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5217
36
reference_url https://access.redhat.com/errata/RHSA-2026:5873
reference_id RHSA-2026:5873
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5873
37
reference_url https://usn.ubuntu.com/7980-1/
reference_id USN-7980-1
reference_type
scores
url https://usn.ubuntu.com/7980-1/
38
reference_url https://usn.ubuntu.com/7980-2/
reference_id USN-7980-2
reference_type
scores
url https://usn.ubuntu.com/7980-2/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
aliases CVE-2025-69419
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-chgr-9utt-kqbp
8
url VCID-efpm-7cfa-z7hx
vulnerability_id VCID-efpm-7cfa-z7hx
summary openssl: Unbounded memory growth with session handling in TLSv1.3
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2511.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2511.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-2511
reference_id
reference_type
scores
0
value 0.03021
scoring_system epss
scoring_elements 0.86616
published_at 2026-04-13T12:55:00Z
1
value 0.03021
scoring_system epss
scoring_elements 0.86612
published_at 2026-04-09T12:55:00Z
2
value 0.03021
scoring_system epss
scoring_elements 0.86626
published_at 2026-04-11T12:55:00Z
3
value 0.03021
scoring_system epss
scoring_elements 0.86623
published_at 2026-04-12T12:55:00Z
4
value 0.03875
scoring_system epss
scoring_elements 0.88227
published_at 2026-04-08T12:55:00Z
5
value 0.03875
scoring_system epss
scoring_elements 0.88207
published_at 2026-04-07T12:55:00Z
6
value 0.03875
scoring_system epss
scoring_elements 0.88201
published_at 2026-04-04T12:55:00Z
7
value 0.03875
scoring_system epss
scoring_elements 0.88186
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-2511
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2511
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2511
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068658
reference_id 1068658
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068658
5
reference_url https://www.openssl.org/news/secadv/20240408.txt
reference_id 20240408.txt
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-09T15:14:41Z/
url https://www.openssl.org/news/secadv/20240408.txt
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2274020
reference_id 2274020
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2274020
7
reference_url https://github.openssl.org/openssl/extended-releases/commit/5f8d25770ae6437db119dfc951e207271a326640
reference_id 5f8d25770ae6437db119dfc951e207271a326640
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-09T15:14:41Z/
url https://github.openssl.org/openssl/extended-releases/commit/5f8d25770ae6437db119dfc951e207271a326640
8
reference_url https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce
reference_id 7e4d731b1c07201ad9374c1cd9ac5263bdf35bce
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-09T15:14:41Z/
url https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce
9
reference_url https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d
reference_id b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-09T15:14:41Z/
url https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d
10
reference_url https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08
reference_id e9d7083e241670332e0443da0f0d4ffb52829f08
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-09T15:14:41Z/
url https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08
11
reference_url https://access.redhat.com/errata/RHSA-2024:9333
reference_id RHSA-2024:9333
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9333
12
reference_url https://usn.ubuntu.com/6937-1/
reference_id USN-6937-1
reference_type
scores
url https://usn.ubuntu.com/6937-1/
13
reference_url https://usn.ubuntu.com/7894-1/
reference_id USN-7894-1
reference_type
scores
url https://usn.ubuntu.com/7894-1/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
aliases CVE-2024-2511
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-efpm-7cfa-z7hx
9
url VCID-f2na-rtsu-ffad
vulnerability_id VCID-f2na-rtsu-ffad
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28387.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28387.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-28387
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04327
published_at 2026-04-11T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.04313
published_at 2026-04-12T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05464
published_at 2026-04-08T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05485
published_at 2026-04-09T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05579
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-28387
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28387
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/openssl/openssl/commit/07e727d304746edb49a98ee8f6ab00256e1f012b
reference_id 07e727d304746edb49a98ee8f6ab00256e1f012b
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/
url https://github.com/openssl/openssl/commit/07e727d304746edb49a98ee8f6ab00256e1f012b
5
reference_url https://openssl-library.org/news/secadv/20260407.txt
reference_id 20260407.txt
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/
url https://openssl-library.org/news/secadv/20260407.txt
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451098
reference_id 2451098
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451098
7
reference_url https://github.com/openssl/openssl/commit/258a8f63b26995ba357f4326da00e19e29c6acbe
reference_id 258a8f63b26995ba357f4326da00e19e29c6acbe
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/
url https://github.com/openssl/openssl/commit/258a8f63b26995ba357f4326da00e19e29c6acbe
8
reference_url https://github.com/openssl/openssl/commit/444958deaf450aea819171f97ae69eaedede42c3
reference_id 444958deaf450aea819171f97ae69eaedede42c3
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/
url https://github.com/openssl/openssl/commit/444958deaf450aea819171f97ae69eaedede42c3
9
reference_url https://github.com/openssl/openssl/commit/7a4e08cee62a728d32e60b0de89e6764339df0a7
reference_id 7a4e08cee62a728d32e60b0de89e6764339df0a7
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/
url https://github.com/openssl/openssl/commit/7a4e08cee62a728d32e60b0de89e6764339df0a7
10
reference_url https://github.com/openssl/openssl/commit/ec03fa050b3346997ed9c5fef3d0e16ad7db8177
reference_id ec03fa050b3346997ed9c5fef3d0e16ad7db8177
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/
url https://github.com/openssl/openssl/commit/ec03fa050b3346997ed9c5fef3d0e16ad7db8177
11
reference_url https://usn.ubuntu.com/8155-1/
reference_id USN-8155-1
reference_type
scores
url https://usn.ubuntu.com/8155-1/
12
reference_url https://usn.ubuntu.com/8155-2/
reference_id USN-8155-2
reference_type
scores
url https://usn.ubuntu.com/8155-2/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
1
url pkg:deb/debian/openssl@3.6.2-1
purl pkg:deb/debian/openssl@3.6.2-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1
2
url pkg:deb/debian/openssl@4.0.0~alpha1-1
purl pkg:deb/debian/openssl@4.0.0~alpha1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@4.0.0~alpha1-1
aliases CVE-2026-28387
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f2na-rtsu-ffad
10
url VCID-fwwa-41df-zqfk
vulnerability_id VCID-fwwa-41df-zqfk
summary openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9230.json
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9230.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-9230
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.10091
published_at 2026-04-02T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.10165
published_at 2026-04-13T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.10153
published_at 2026-04-04T12:55:00Z
3
value 0.00034
scoring_system epss
scoring_elements 0.10049
published_at 2026-04-07T12:55:00Z
4
value 0.00034
scoring_system epss
scoring_elements 0.10125
published_at 2026-04-08T12:55:00Z
5
value 0.00034
scoring_system epss
scoring_elements 0.10186
published_at 2026-04-09T12:55:00Z
6
value 0.00034
scoring_system epss
scoring_elements 0.10225
published_at 2026-04-11T12:55:00Z
7
value 0.00034
scoring_system epss
scoring_elements 0.10185
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-9230
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9230
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9230
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://openssl-library.org/news/secadv/20250930.txt
reference_id 20250930.txt
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/
url https://openssl-library.org/news/secadv/20250930.txt
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2396054
reference_id 2396054
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2396054
6
reference_url https://github.com/openssl/openssl/commit/5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45
reference_id 5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/
url https://github.com/openssl/openssl/commit/5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45
7
reference_url https://github.com/openssl/openssl/commit/9e91358f365dee6c446dcdcdb01c04d2743fd280
reference_id 9e91358f365dee6c446dcdcdb01c04d2743fd280
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/
url https://github.com/openssl/openssl/commit/9e91358f365dee6c446dcdcdb01c04d2743fd280
8
reference_url https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def
reference_id a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/
url https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def
9
reference_url https://github.com/openssl/openssl/commit/b5282d677551afda7d20e9c00e09561b547b2dfd
reference_id b5282d677551afda7d20e9c00e09561b547b2dfd
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/
url https://github.com/openssl/openssl/commit/b5282d677551afda7d20e9c00e09561b547b2dfd
10
reference_url https://github.com/openssl/openssl/commit/bae259a211ada6315dc50900686daaaaaa55f482
reference_id bae259a211ada6315dc50900686daaaaaa55f482
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/
url https://github.com/openssl/openssl/commit/bae259a211ada6315dc50900686daaaaaa55f482
11
reference_url https://github.openssl.org/openssl/extended-releases/commit/c2b96348bfa662f25f4fabf81958ae822063dae3
reference_id c2b96348bfa662f25f4fabf81958ae822063dae3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/
url https://github.openssl.org/openssl/extended-releases/commit/c2b96348bfa662f25f4fabf81958ae822063dae3
12
reference_url https://github.openssl.org/openssl/extended-releases/commit/dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba
reference_id dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/
url https://github.openssl.org/openssl/extended-releases/commit/dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba
13
reference_url https://access.redhat.com/errata/RHSA-2025:21174
reference_id RHSA-2025:21174
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21174
14
reference_url https://access.redhat.com/errata/RHSA-2025:21248
reference_id RHSA-2025:21248
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21248
15
reference_url https://access.redhat.com/errata/RHSA-2025:21255
reference_id RHSA-2025:21255
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21255
16
reference_url https://access.redhat.com/errata/RHSA-2025:21562
reference_id RHSA-2025:21562
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21562
17
reference_url https://access.redhat.com/errata/RHSA-2025:21994
reference_id RHSA-2025:21994
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21994
18
reference_url https://access.redhat.com/errata/RHSA-2025:22428
reference_id RHSA-2025:22428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22428
19
reference_url https://access.redhat.com/errata/RHSA-2025:22529
reference_id RHSA-2025:22529
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22529
20
reference_url https://access.redhat.com/errata/RHSA-2025:22548
reference_id RHSA-2025:22548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22548
21
reference_url https://access.redhat.com/errata/RHSA-2025:22794
reference_id RHSA-2025:22794
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22794
22
reference_url https://access.redhat.com/errata/RHSA-2025:22868
reference_id RHSA-2025:22868
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22868
23
reference_url https://access.redhat.com/errata/RHSA-2025:23078
reference_id RHSA-2025:23078
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23078
24
reference_url https://access.redhat.com/errata/RHSA-2025:23079
reference_id RHSA-2025:23079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23079
25
reference_url https://access.redhat.com/errata/RHSA-2025:23080
reference_id RHSA-2025:23080
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23080
26
reference_url https://access.redhat.com/errata/RHSA-2025:23202
reference_id RHSA-2025:23202
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23202
27
reference_url https://access.redhat.com/errata/RHSA-2025:23204
reference_id RHSA-2025:23204
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23204
28
reference_url https://access.redhat.com/errata/RHSA-2025:23205
reference_id RHSA-2025:23205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23205
29
reference_url https://access.redhat.com/errata/RHSA-2025:23209
reference_id RHSA-2025:23209
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23209
30
reference_url https://access.redhat.com/errata/RHSA-2025:23449
reference_id RHSA-2025:23449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23449
31
reference_url https://access.redhat.com/errata/RHSA-2026:0332
reference_id RHSA-2026:0332
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0332
32
reference_url https://access.redhat.com/errata/RHSA-2026:0337
reference_id RHSA-2026:0337
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0337
33
reference_url https://access.redhat.com/errata/RHSA-2026:0420
reference_id RHSA-2026:0420
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0420
34
reference_url https://access.redhat.com/errata/RHSA-2026:0602
reference_id RHSA-2026:0602
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0602
35
reference_url https://access.redhat.com/errata/RHSA-2026:0674
reference_id RHSA-2026:0674
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0674
36
reference_url https://access.redhat.com/errata/RHSA-2026:0702
reference_id RHSA-2026:0702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0702
37
reference_url https://access.redhat.com/errata/RHSA-2026:0714
reference_id RHSA-2026:0714
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0714
38
reference_url https://access.redhat.com/errata/RHSA-2026:0794
reference_id RHSA-2026:0794
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0794
39
reference_url https://access.redhat.com/errata/RHSA-2026:0887
reference_id RHSA-2026:0887
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0887
40
reference_url https://access.redhat.com/errata/RHSA-2026:1349
reference_id RHSA-2026:1349
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1349
41
reference_url https://access.redhat.com/errata/RHSA-2026:1475
reference_id RHSA-2026:1475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1475
42
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
43
reference_url https://access.redhat.com/errata/RHSA-2026:1720
reference_id RHSA-2026:1720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1720
44
reference_url https://access.redhat.com/errata/RHSA-2026:2771
reference_id RHSA-2026:2771
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2771
45
reference_url https://access.redhat.com/errata/RHSA-2026:2776
reference_id RHSA-2026:2776
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2776
46
reference_url https://access.redhat.com/errata/RHSA-2026:2974
reference_id RHSA-2026:2974
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2974
47
reference_url https://access.redhat.com/errata/RHSA-2026:2994
reference_id RHSA-2026:2994
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2994
48
reference_url https://access.redhat.com/errata/RHSA-2026:2995
reference_id RHSA-2026:2995
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2995
49
reference_url https://access.redhat.com/errata/RHSA-2026:3164
reference_id RHSA-2026:3164
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3164
50
reference_url https://access.redhat.com/errata/RHSA-2026:3415
reference_id RHSA-2026:3415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3415
51
reference_url https://access.redhat.com/errata/RHSA-2026:3461
reference_id RHSA-2026:3461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3461
52
reference_url https://access.redhat.com/errata/RHSA-2026:3462
reference_id RHSA-2026:3462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3462
53
reference_url https://access.redhat.com/errata/RHSA-2026:3861
reference_id RHSA-2026:3861
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3861
54
reference_url https://usn.ubuntu.com/7786-1/
reference_id USN-7786-1
reference_type
scores
url https://usn.ubuntu.com/7786-1/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
aliases CVE-2025-9230
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fwwa-41df-zqfk
11
url VCID-gz4c-x1gb-muat
vulnerability_id VCID-gz4c-x1gb-muat
summary openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9143.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9143.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-9143
reference_id
reference_type
scores
0
value 0.00639
scoring_system epss
scoring_elements 0.70512
published_at 2026-04-13T12:55:00Z
1
value 0.00639
scoring_system epss
scoring_elements 0.70462
published_at 2026-04-02T12:55:00Z
2
value 0.00639
scoring_system epss
scoring_elements 0.70479
published_at 2026-04-04T12:55:00Z
3
value 0.00639
scoring_system epss
scoring_elements 0.70457
published_at 2026-04-07T12:55:00Z
4
value 0.00639
scoring_system epss
scoring_elements 0.70503
published_at 2026-04-08T12:55:00Z
5
value 0.00639
scoring_system epss
scoring_elements 0.70518
published_at 2026-04-09T12:55:00Z
6
value 0.00639
scoring_system epss
scoring_elements 0.70542
published_at 2026-04-11T12:55:00Z
7
value 0.00639
scoring_system epss
scoring_elements 0.70526
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-9143
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9143
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9143
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085378
reference_id 1085378
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085378
5
reference_url https://openssl-library.org/news/secadv/20241016.txt
reference_id 20241016.txt
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/
url https://openssl-library.org/news/secadv/20241016.txt
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2319236
reference_id 2319236
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2319236
7
reference_url https://github.com/openssl/openssl/commit/72ae83ad214d2eef262461365a1975707f862712
reference_id 72ae83ad214d2eef262461365a1975707f862712
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/
url https://github.com/openssl/openssl/commit/72ae83ad214d2eef262461365a1975707f862712
8
reference_url https://github.openssl.org/openssl/extended-releases/commit/8efc0cbaa8ebba8e116f7b81a876a4123594d86a
reference_id 8efc0cbaa8ebba8e116f7b81a876a4123594d86a
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/
url https://github.openssl.org/openssl/extended-releases/commit/8efc0cbaa8ebba8e116f7b81a876a4123594d86a
9
reference_url https://github.openssl.org/openssl/extended-releases/commit/9d576994cec2b7aa37a91740ea7e680810957e41
reference_id 9d576994cec2b7aa37a91740ea7e680810957e41
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/
url https://github.openssl.org/openssl/extended-releases/commit/9d576994cec2b7aa37a91740ea7e680810957e41
10
reference_url https://github.com/openssl/openssl/commit/bc7e04d7c8d509fb78fc0e285aa948fb0da04700
reference_id bc7e04d7c8d509fb78fc0e285aa948fb0da04700
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/
url https://github.com/openssl/openssl/commit/bc7e04d7c8d509fb78fc0e285aa948fb0da04700
11
reference_url https://github.com/openssl/openssl/commit/c0d3e4d32d2805f49bec30547f225bc4d092e1f4
reference_id c0d3e4d32d2805f49bec30547f225bc4d092e1f4
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/
url https://github.com/openssl/openssl/commit/c0d3e4d32d2805f49bec30547f225bc4d092e1f4
12
reference_url https://github.com/openssl/openssl/commit/fdf6723362ca51bd883295efe206cb5b1cfa5154
reference_id fdf6723362ca51bd883295efe206cb5b1cfa5154
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:45:11Z/
url https://github.com/openssl/openssl/commit/fdf6723362ca51bd883295efe206cb5b1cfa5154
13
reference_url https://usn.ubuntu.com/7264-1/
reference_id USN-7264-1
reference_type
scores
url https://usn.ubuntu.com/7264-1/
14
reference_url https://usn.ubuntu.com/7278-1/
reference_id USN-7278-1
reference_type
scores
url https://usn.ubuntu.com/7278-1/
15
reference_url https://usn.ubuntu.com/7894-1/
reference_id USN-7894-1
reference_type
scores
url https://usn.ubuntu.com/7894-1/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
aliases CVE-2024-9143
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gz4c-x1gb-muat
12
url VCID-hgvf-vxhr-cye8
vulnerability_id VCID-hgvf-vxhr-cye8
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28388.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28388.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-28388
reference_id
reference_type
scores
0
value 0.00011
scoring_system epss
scoring_elements 0.01419
published_at 2026-04-09T12:55:00Z
1
value 0.00011
scoring_system epss
scoring_elements 0.01418
published_at 2026-04-08T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06151
published_at 2026-04-12T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06156
published_at 2026-04-11T12:55:00Z
4
value 0.0003
scoring_system epss
scoring_elements 0.08551
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-28388
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28388
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28388
3
reference_url https://openssl-library.org/news/secadv/20260407.txt
reference_id 20260407.txt
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/
url https://openssl-library.org/news/secadv/20260407.txt
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451097
reference_id 2451097
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451097
5
reference_url https://github.com/openssl/openssl/commit/59c3b3158553ab53275bbbccca5cb305d591cf2e
reference_id 59c3b3158553ab53275bbbccca5cb305d591cf2e
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/
url https://github.com/openssl/openssl/commit/59c3b3158553ab53275bbbccca5cb305d591cf2e
6
reference_url https://github.com/openssl/openssl/commit/5a0b4930779cd2408880979db765db919da55139
reference_id 5a0b4930779cd2408880979db765db919da55139
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/
url https://github.com/openssl/openssl/commit/5a0b4930779cd2408880979db765db919da55139
7
reference_url https://github.com/openssl/openssl/commit/602542f2c0c2d5edb47128f93eac10b62aeeefb3
reference_id 602542f2c0c2d5edb47128f93eac10b62aeeefb3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/
url https://github.com/openssl/openssl/commit/602542f2c0c2d5edb47128f93eac10b62aeeefb3
8
reference_url https://github.com/openssl/openssl/commit/a9d187dd1000130100fa7ab915f8513532cb3bb8
reference_id a9d187dd1000130100fa7ab915f8513532cb3bb8
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/
url https://github.com/openssl/openssl/commit/a9d187dd1000130100fa7ab915f8513532cb3bb8
9
reference_url https://github.com/openssl/openssl/commit/d3a901e8d9f021f3e67d6cfbc12e768129862726
reference_id d3a901e8d9f021f3e67d6cfbc12e768129862726
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/
url https://github.com/openssl/openssl/commit/d3a901e8d9f021f3e67d6cfbc12e768129862726
10
reference_url https://usn.ubuntu.com/8155-1/
reference_id USN-8155-1
reference_type
scores
url https://usn.ubuntu.com/8155-1/
11
reference_url https://usn.ubuntu.com/8155-2/
reference_id USN-8155-2
reference_type
scores
url https://usn.ubuntu.com/8155-2/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
1
url pkg:deb/debian/openssl@3.6.2-1
purl pkg:deb/debian/openssl@3.6.2-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1
2
url pkg:deb/debian/openssl@4.0.0~alpha1-1
purl pkg:deb/debian/openssl@4.0.0~alpha1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@4.0.0~alpha1-1
aliases CVE-2026-28388
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hgvf-vxhr-cye8
13
url VCID-hpev-apm4-sqfw
vulnerability_id VCID-hpev-apm4-sqfw
summary 
Null pointer dereference in PKCS12 parsing
Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL
to crash leading to a potential Denial of Service attack

Impact summary: Applications loading files in the PKCS12 format from untrusted
sources might terminate abruptly.

A file in PKCS12 format can contain certificates and keys and may come from an
untrusted source. The PKCS12 specification allows certain fields to be NULL, but
OpenSSL does not correctly check for this case. This can lead to a NULL pointer
dereference that results in OpenSSL crashing. If an application processes PKCS12
files from an untrusted source using the OpenSSL APIs then that application will
be vulnerable to this issue.

OpenSSL APIs that are vulnerable to this are: PKCS12_parse(),
PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes()
and PKCS12_newpass().

We have also fixed a similar issue in SMIME_write_PKCS7(). However since this
function is related to writing data we do not consider it security significant.

The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0727.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0727.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-0727
reference_id
reference_type
scores
0
value 0.00236
scoring_system epss
scoring_elements 0.46537
published_at 2026-04-13T12:55:00Z
1
value 0.00236
scoring_system epss
scoring_elements 0.46533
published_at 2026-04-09T12:55:00Z
2
value 0.00236
scoring_system epss
scoring_elements 0.46556
published_at 2026-04-11T12:55:00Z
3
value 0.00236
scoring_system epss
scoring_elements 0.46509
published_at 2026-04-02T12:55:00Z
4
value 0.00236
scoring_system epss
scoring_elements 0.46528
published_at 2026-04-12T12:55:00Z
5
value 0.00236
scoring_system epss
scoring_elements 0.46529
published_at 2026-04-04T12:55:00Z
6
value 0.00236
scoring_system epss
scoring_elements 0.46477
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-0727
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0727
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0727
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/alexcrichton/openssl-src-rs/commit/add20f73b6b42be7451af2e1044d4e0e778992b2
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/alexcrichton/openssl-src-rs/commit/add20f73b6b42be7451af2e1044d4e0e778992b2
5
reference_url https://github.com/github/advisory-database/pull/3472
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/github/advisory-database/pull/3472
6
reference_url https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/
url https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2
7
reference_url https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/
url https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a
8
reference_url https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/
url https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c
9
reference_url https://github.com/openssl/openssl/pull/23362
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openssl/openssl/pull/23362
10
reference_url https://github.com/pyca/cryptography/commit/3519591d255d4506fbcd0d04037d45271903c64d
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/commit/3519591d255d4506fbcd0d04037d45271903c64d
11
reference_url https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/
url https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8
12
reference_url https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/
url https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539
13
reference_url https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html
14
reference_url https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-0727
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-0727
16
reference_url https://security.netapp.com/advisory/ntap-20240208-0006
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240208-0006
17
reference_url https://www.openssl.org/news/secadv/20240125.txt
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/
url https://www.openssl.org/news/secadv/20240125.txt
18
reference_url http://www.openwall.com/lists/oss-security/2024/03/11/1
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2024/03/11/1
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061582
reference_id 1061582
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061582
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2259944
reference_id 2259944
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2259944
21
reference_url https://github.com/advisories/GHSA-9v9h-cgj8-h64p
reference_id GHSA-9v9h-cgj8-h64p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9v9h-cgj8-h64p
22
reference_url https://access.redhat.com/errata/RHSA-2024:2447
reference_id RHSA-2024:2447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2447
23
reference_url https://access.redhat.com/errata/RHSA-2024:9088
reference_id RHSA-2024:9088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9088
24
reference_url https://usn.ubuntu.com/6622-1/
reference_id USN-6622-1
reference_type
scores
url https://usn.ubuntu.com/6622-1/
25
reference_url https://usn.ubuntu.com/6632-1/
reference_id USN-6632-1
reference_type
scores
url https://usn.ubuntu.com/6632-1/
26
reference_url https://usn.ubuntu.com/6709-1/
reference_id USN-6709-1
reference_type
scores
url https://usn.ubuntu.com/6709-1/
27
reference_url https://usn.ubuntu.com/7018-1/
reference_id USN-7018-1
reference_type
scores
url https://usn.ubuntu.com/7018-1/
28
reference_url https://usn.ubuntu.com/7894-1/
reference_id USN-7894-1
reference_type
scores
url https://usn.ubuntu.com/7894-1/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
aliases CVE-2024-0727, GHSA-9v9h-cgj8-h64p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hpev-apm4-sqfw
14
url VCID-jq5s-hzam-zfda
vulnerability_id VCID-jq5s-hzam-zfda
summary openssl: Use After Free with SSL_free_buffers
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4741.json
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4741.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-4741
reference_id
reference_type
scores
0
value 0.00264
scoring_system epss
scoring_elements 0.49905
published_at 2026-04-02T12:55:00Z
1
value 0.00359
scoring_system epss
scoring_elements 0.58124
published_at 2026-04-13T12:55:00Z
2
value 0.00359
scoring_system epss
scoring_elements 0.58119
published_at 2026-04-04T12:55:00Z
3
value 0.00359
scoring_system epss
scoring_elements 0.58094
published_at 2026-04-07T12:55:00Z
4
value 0.00359
scoring_system epss
scoring_elements 0.58148
published_at 2026-04-08T12:55:00Z
5
value 0.00359
scoring_system epss
scoring_elements 0.58152
published_at 2026-04-09T12:55:00Z
6
value 0.00359
scoring_system epss
scoring_elements 0.58167
published_at 2026-04-11T12:55:00Z
7
value 0.00359
scoring_system epss
scoring_elements 0.58144
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-4741
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4741
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4741
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072113
reference_id 1072113
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072113
5
reference_url https://www.openssl.org/news/secadv/20240528.txt
reference_id 20240528.txt
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:45:07Z/
url https://www.openssl.org/news/secadv/20240528.txt
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2283757
reference_id 2283757
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2283757
7
reference_url https://github.com/openssl/openssl/commit/704f725b96aa373ee45ecfb23f6abfe8be8d9177
reference_id 704f725b96aa373ee45ecfb23f6abfe8be8d9177
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:45:07Z/
url https://github.com/openssl/openssl/commit/704f725b96aa373ee45ecfb23f6abfe8be8d9177
8
reference_url https://github.com/openssl/openssl/commit/b3f0eb0a295f58f16ba43ba99dad70d4ee5c437d
reference_id b3f0eb0a295f58f16ba43ba99dad70d4ee5c437d
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:45:07Z/
url https://github.com/openssl/openssl/commit/b3f0eb0a295f58f16ba43ba99dad70d4ee5c437d
9
reference_url https://github.com/openssl/openssl/commit/c88c3de51020c37e8706bf7a682a162593053aac
reference_id c88c3de51020c37e8706bf7a682a162593053aac
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:45:07Z/
url https://github.com/openssl/openssl/commit/c88c3de51020c37e8706bf7a682a162593053aac
10
reference_url https://github.com/openssl/openssl/commit/e5093133c35ca82874ad83697af76f4b0f7e3bd8
reference_id e5093133c35ca82874ad83697af76f4b0f7e3bd8
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:45:07Z/
url https://github.com/openssl/openssl/commit/e5093133c35ca82874ad83697af76f4b0f7e3bd8
11
reference_url https://github.openssl.org/openssl/extended-releases/commit/f7a045f3143fc6da2ee66bf52d8df04829590dd4
reference_id f7a045f3143fc6da2ee66bf52d8df04829590dd4
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T14:45:07Z/
url https://github.openssl.org/openssl/extended-releases/commit/f7a045f3143fc6da2ee66bf52d8df04829590dd4
12
reference_url https://access.redhat.com/errata/RHSA-2024:9333
reference_id RHSA-2024:9333
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9333
13
reference_url https://usn.ubuntu.com/6937-1/
reference_id USN-6937-1
reference_type
scores
url https://usn.ubuntu.com/6937-1/
14
reference_url https://usn.ubuntu.com/7894-1/
reference_id USN-7894-1
reference_type
scores
url https://usn.ubuntu.com/7894-1/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
aliases CVE-2024-4741
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jq5s-hzam-zfda
15
url VCID-mg21-k76s-sqfp
vulnerability_id VCID-mg21-k76s-sqfp
summary openssl: Timing side-channel in ECDSA signature computation
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-13176.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-13176.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-13176
reference_id
reference_type
scores
0
value 0.00073
scoring_system epss
scoring_elements 0.22223
published_at 2026-04-13T12:55:00Z
1
value 0.00073
scoring_system epss
scoring_elements 0.22339
published_at 2026-04-02T12:55:00Z
2
value 0.00073
scoring_system epss
scoring_elements 0.22384
published_at 2026-04-04T12:55:00Z
3
value 0.00073
scoring_system epss
scoring_elements 0.22169
published_at 2026-04-07T12:55:00Z
4
value 0.00073
scoring_system epss
scoring_elements 0.22252
published_at 2026-04-08T12:55:00Z
5
value 0.00073
scoring_system epss
scoring_elements 0.22305
published_at 2026-04-09T12:55:00Z
6
value 0.00073
scoring_system epss
scoring_elements 0.22325
published_at 2026-04-11T12:55:00Z
7
value 0.00073
scoring_system epss
scoring_elements 0.22283
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-13176
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13176
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13176
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844
reference_id 07272b05b04836a762b4baa874958af51d513844
reference_type
scores
0
value 4.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/
url https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844
5
reference_url https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded
reference_id 0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded
reference_type
scores
0
value 4.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/
url https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094027
reference_id 1094027
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094027
7
reference_url https://openssl-library.org/news/secadv/20250120.txt
reference_id 20250120.txt
reference_type
scores
0
value 4.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/
url https://openssl-library.org/news/secadv/20250120.txt
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2338999
reference_id 2338999
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2338999
9
reference_url https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467
reference_id 2af62e74fb59bc469506bc37eb2990ea408d9467
reference_type
scores
0
value 4.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/
url https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467
10
reference_url https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902
reference_id 392dcb336405a0c94486aa6655057f59fd3a0902
reference_type
scores
0
value 4.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/
url https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902
11
reference_url https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65
reference_id 4b1cb94a734a7d4ec363ac0a215a25c181e11f65
reference_type
scores
0
value 4.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/
url https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65
12
reference_url https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f
reference_id 77c608f4c8857e63e98e66444e2e761c9627916f
reference_type
scores
0
value 4.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/
url https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f
13
reference_url https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86
reference_id a2639000db19878d5d89586ae7b725080592ae86
reference_type
scores
0
value 4.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/
url https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86
14
reference_url https://usn.ubuntu.com/7264-1/
reference_id USN-7264-1
reference_type
scores
url https://usn.ubuntu.com/7264-1/
15
reference_url https://usn.ubuntu.com/7278-1/
reference_id USN-7278-1
reference_type
scores
url https://usn.ubuntu.com/7278-1/
16
reference_url https://usn.ubuntu.com/7894-1/
reference_id USN-7894-1
reference_type
scores
url https://usn.ubuntu.com/7894-1/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
aliases CVE-2024-13176
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mg21-k76s-sqfp
16
url VCID-p7ca-uc7n-mfc4
vulnerability_id VCID-p7ca-uc7n-mfc4
summary openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69418.json
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69418.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-69418
reference_id
reference_type
scores
0
value 7e-05
scoring_system epss
scoring_elements 0.0063
published_at 2026-04-04T12:55:00Z
1
value 7e-05
scoring_system epss
scoring_elements 0.00638
published_at 2026-04-02T12:55:00Z
2
value 8e-05
scoring_system epss
scoring_elements 0.00678
published_at 2026-04-13T12:55:00Z
3
value 8e-05
scoring_system epss
scoring_elements 0.00693
published_at 2026-04-08T12:55:00Z
4
value 8e-05
scoring_system epss
scoring_elements 0.00685
published_at 2026-04-09T12:55:00Z
5
value 8e-05
scoring_system epss
scoring_elements 0.00686
published_at 2026-04-11T12:55:00Z
6
value 8e-05
scoring_system epss
scoring_elements 0.00679
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-69418
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://openssl-library.org/news/secadv/20260127.txt
reference_id 20260127.txt
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:06:43Z/
url https://openssl-library.org/news/secadv/20260127.txt
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2430381
reference_id 2430381
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2430381
6
reference_url https://github.com/openssl/openssl/commit/372fc5c77529695b05b4f5b5187691a57ef5dffc
reference_id 372fc5c77529695b05b4f5b5187691a57ef5dffc
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:06:43Z/
url https://github.com/openssl/openssl/commit/372fc5c77529695b05b4f5b5187691a57ef5dffc
7
reference_url https://github.com/openssl/openssl/commit/4016975d4469cd6b94927c607f7c511385f928d8
reference_id 4016975d4469cd6b94927c607f7c511385f928d8
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:06:43Z/
url https://github.com/openssl/openssl/commit/4016975d4469cd6b94927c607f7c511385f928d8
8
reference_url https://github.com/openssl/openssl/commit/52d23c86a54adab5ee9f80e48b242b52c4cc2347
reference_id 52d23c86a54adab5ee9f80e48b242b52c4cc2347
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:06:43Z/
url https://github.com/openssl/openssl/commit/52d23c86a54adab5ee9f80e48b242b52c4cc2347
9
reference_url https://github.com/openssl/openssl/commit/a7589230356d908c0eca4b969ec4f62106f4f5ae
reference_id a7589230356d908c0eca4b969ec4f62106f4f5ae
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:06:43Z/
url https://github.com/openssl/openssl/commit/a7589230356d908c0eca4b969ec4f62106f4f5ae
10
reference_url https://github.com/openssl/openssl/commit/ed40856d7d4ba6cb42779b6770666a65f19cb977
reference_id ed40856d7d4ba6cb42779b6770666a65f19cb977
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:06:43Z/
url https://github.com/openssl/openssl/commit/ed40856d7d4ba6cb42779b6770666a65f19cb977
11
reference_url https://access.redhat.com/errata/RHSA-2026:1472
reference_id RHSA-2026:1472
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1472
12
reference_url https://access.redhat.com/errata/RHSA-2026:1473
reference_id RHSA-2026:1473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1473
13
reference_url https://access.redhat.com/errata/RHSA-2026:1736
reference_id RHSA-2026:1736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1736
14
reference_url https://access.redhat.com/errata/RHSA-2026:2485
reference_id RHSA-2026:2485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2485
15
reference_url https://access.redhat.com/errata/RHSA-2026:2563
reference_id RHSA-2026:2563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2563
16
reference_url https://access.redhat.com/errata/RHSA-2026:3228
reference_id RHSA-2026:3228
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3228
17
reference_url https://access.redhat.com/errata/RHSA-2026:4943
reference_id RHSA-2026:4943
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4943
18
reference_url https://usn.ubuntu.com/7980-1/
reference_id USN-7980-1
reference_type
scores
url https://usn.ubuntu.com/7980-1/
19
reference_url https://usn.ubuntu.com/7980-2/
reference_id USN-7980-2
reference_type
scores
url https://usn.ubuntu.com/7980-2/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
aliases CVE-2025-69418
risk_score 1.8
exploitability 0.5
weighted_severity 3.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p7ca-uc7n-mfc4
17
url VCID-rgue-at15-k7a2
vulnerability_id VCID-rgue-at15-k7a2
summary openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22795.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22795.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22795
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05603
published_at 2026-04-13T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05582
published_at 2026-04-07T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.0562
published_at 2026-04-08T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05645
published_at 2026-04-09T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05618
published_at 2026-04-11T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05609
published_at 2026-04-12T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06481
published_at 2026-04-02T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06509
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22795
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://openssl-library.org/news/secadv/20260127.txt
reference_id 20260127.txt
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T20:03:18Z/
url https://openssl-library.org/news/secadv/20260127.txt
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2430389
reference_id 2430389
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2430389
6
reference_url https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4
reference_id 2502e7b7d4c0cf4f972a881641fe09edc67aeec4
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T20:03:18Z/
url https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4
7
reference_url https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49
reference_id 572844beca95068394c916626a6d3a490f831a49
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T20:03:18Z/
url https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49
8
reference_url https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12
reference_id 7bbca05be55b129651d9df4bdb92becc45002c12
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T20:03:18Z/
url https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12
9
reference_url https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e
reference_id eeee3cbd4d682095ed431052f00403004596373e
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T20:03:18Z/
url https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e
10
reference_url https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2
reference_id ef2fb66ec571564d64d1c74a12e388a2a54d05d2
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T20:03:18Z/
url https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2
11
reference_url https://access.redhat.com/errata/RHSA-2026:1472
reference_id RHSA-2026:1472
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1472
12
reference_url https://access.redhat.com/errata/RHSA-2026:1473
reference_id RHSA-2026:1473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1473
13
reference_url https://access.redhat.com/errata/RHSA-2026:1736
reference_id RHSA-2026:1736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1736
14
reference_url https://access.redhat.com/errata/RHSA-2026:2485
reference_id RHSA-2026:2485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2485
15
reference_url https://access.redhat.com/errata/RHSA-2026:2563
reference_id RHSA-2026:2563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2563
16
reference_url https://access.redhat.com/errata/RHSA-2026:3228
reference_id RHSA-2026:3228
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3228
17
reference_url https://access.redhat.com/errata/RHSA-2026:4943
reference_id RHSA-2026:4943
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4943
18
reference_url https://usn.ubuntu.com/7980-1/
reference_id USN-7980-1
reference_type
scores
url https://usn.ubuntu.com/7980-1/
19
reference_url https://usn.ubuntu.com/7980-2/
reference_id USN-7980-2
reference_type
scores
url https://usn.ubuntu.com/7980-2/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
aliases CVE-2026-22795
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rgue-at15-k7a2
18
url VCID-sn5k-3e59-7ba8
vulnerability_id VCID-sn5k-3e59-7ba8
summary 
Improper Check for Unusual or Exceptional Conditions
Issue summary: Generating excessively long X9.42 DH keys or checking
excessively long X9.42 DH keys or parameters may be very slow.

Impact summary: Applications that use the functions DH_generate_key() to
generate an X9.42 DH key may experience long delays. Likewise, applications
that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check()
to check an X9.42 DH key or X9.42 DH parameters may experience long delays.
Where the key or parameters that are being checked have been obtained from
an untrusted source this may lead to a Denial of Service.

While DH_check() performs all the necessary checks (as of CVE-2023-3817),
DH_check_pub_key() does not make any of these checks, and is therefore
vulnerable for excessively large P and Q parameters.

Likewise, while DH_generate_key() performs a check for an excessively large
P, it does not check for an excessively large Q.

An application that calls DH_generate_key() or DH_check_pub_key() and
supplies a key or parameters obtained from an untrusted source could be
vulnerable to a Denial of Service attack.

DH_generate_key() and DH_check_pub_key() are also called by a number of
other OpenSSL functions. An application calling any of those other
functions may similarly be affected. The other functions affected by this
are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate().

Also vulnerable are the OpenSSL pkey command line application when using the
"-pubcheck" option, as well as the OpenSSL genpkey command line application.

The OpenSSL SSL/TLS implementation is not affected by this issue.

The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5678.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5678.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5678
reference_id
reference_type
scores
0
value 0.00638
scoring_system epss
scoring_elements 0.70492
published_at 2026-04-13T12:55:00Z
1
value 0.00638
scoring_system epss
scoring_elements 0.70482
published_at 2026-04-08T12:55:00Z
2
value 0.00638
scoring_system epss
scoring_elements 0.70498
published_at 2026-04-09T12:55:00Z
3
value 0.00638
scoring_system epss
scoring_elements 0.70522
published_at 2026-04-11T12:55:00Z
4
value 0.00638
scoring_system epss
scoring_elements 0.70507
published_at 2026-04-12T12:55:00Z
5
value 0.00656
scoring_system epss
scoring_elements 0.7097
published_at 2026-04-04T12:55:00Z
6
value 0.00656
scoring_system epss
scoring_elements 0.70953
published_at 2026-04-02T12:55:00Z
7
value 0.00656
scoring_system epss
scoring_elements 0.70945
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5678
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5678
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5678
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055
5
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c
6
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017
7
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6
8
reference_url https://www.openssl.org/news/secadv/20231106.txt
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:42:37Z/
url https://www.openssl.org/news/secadv/20231106.txt
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055473
reference_id 1055473
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055473
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2248616
reference_id 2248616
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2248616
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5678
reference_id CVE-2023-5678
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-5678
12
reference_url https://access.redhat.com/errata/RHSA-2023:7877
reference_id RHSA-2023:7877
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7877
13
reference_url https://access.redhat.com/errata/RHSA-2024:0154
reference_id RHSA-2024:0154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0154
14
reference_url https://access.redhat.com/errata/RHSA-2024:0208
reference_id RHSA-2024:0208
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0208
15
reference_url https://access.redhat.com/errata/RHSA-2024:1316
reference_id RHSA-2024:1316
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1316
16
reference_url https://access.redhat.com/errata/RHSA-2024:1317
reference_id RHSA-2024:1317
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1317
17
reference_url https://access.redhat.com/errata/RHSA-2024:1318
reference_id RHSA-2024:1318
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1318
18
reference_url https://access.redhat.com/errata/RHSA-2024:1319
reference_id RHSA-2024:1319
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1319
19
reference_url https://access.redhat.com/errata/RHSA-2024:1325
reference_id RHSA-2024:1325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1325
20
reference_url https://access.redhat.com/errata/RHSA-2024:2447
reference_id RHSA-2024:2447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2447
21
reference_url https://usn.ubuntu.com/6622-1/
reference_id USN-6622-1
reference_type
scores
url https://usn.ubuntu.com/6622-1/
22
reference_url https://usn.ubuntu.com/6632-1/
reference_id USN-6632-1
reference_type
scores
url https://usn.ubuntu.com/6632-1/
23
reference_url https://usn.ubuntu.com/6709-1/
reference_id USN-6709-1
reference_type
scores
url https://usn.ubuntu.com/6709-1/
24
reference_url https://usn.ubuntu.com/7894-1/
reference_id USN-7894-1
reference_type
scores
url https://usn.ubuntu.com/7894-1/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
aliases CVE-2023-5678
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sn5k-3e59-7ba8
19
url VCID-w9yg-3dbq-8qge
vulnerability_id VCID-w9yg-3dbq-8qge
summary openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69421.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69421.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-69421
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.10003
published_at 2026-04-04T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.09955
published_at 2026-04-02T12:55:00Z
2
value 0.00036
scoring_system epss
scoring_elements 0.10542
published_at 2026-04-13T12:55:00Z
3
value 0.00036
scoring_system epss
scoring_elements 0.10428
published_at 2026-04-07T12:55:00Z
4
value 0.00036
scoring_system epss
scoring_elements 0.10502
published_at 2026-04-08T12:55:00Z
5
value 0.00036
scoring_system epss
scoring_elements 0.10569
published_at 2026-04-09T12:55:00Z
6
value 0.00036
scoring_system epss
scoring_elements 0.10598
published_at 2026-04-11T12:55:00Z
7
value 0.00036
scoring_system epss
scoring_elements 0.10566
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-69421
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://openssl-library.org/news/secadv/20260127.txt
reference_id 20260127.txt
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T15:17:58Z/
url https://openssl-library.org/news/secadv/20260127.txt
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2430387
reference_id 2430387
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2430387
6
reference_url https://github.com/openssl/openssl/commit/3524a29271f8191b8fd8a5257eb05173982a097b
reference_id 3524a29271f8191b8fd8a5257eb05173982a097b
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T15:17:58Z/
url https://github.com/openssl/openssl/commit/3524a29271f8191b8fd8a5257eb05173982a097b
7
reference_url https://github.com/openssl/openssl/commit/36ecb4960872a4ce04bf6f1e1f4e78d75ec0c0c7
reference_id 36ecb4960872a4ce04bf6f1e1f4e78d75ec0c0c7
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T15:17:58Z/
url https://github.com/openssl/openssl/commit/36ecb4960872a4ce04bf6f1e1f4e78d75ec0c0c7
8
reference_url https://github.com/openssl/openssl/commit/4bbc8d41a72c842ce4077a8a3eccd1109aaf74bd
reference_id 4bbc8d41a72c842ce4077a8a3eccd1109aaf74bd
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T15:17:58Z/
url https://github.com/openssl/openssl/commit/4bbc8d41a72c842ce4077a8a3eccd1109aaf74bd
9
reference_url https://github.com/openssl/openssl/commit/643986985cd1c21221f941129d76fe0c2785aeb3
reference_id 643986985cd1c21221f941129d76fe0c2785aeb3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T15:17:58Z/
url https://github.com/openssl/openssl/commit/643986985cd1c21221f941129d76fe0c2785aeb3
10
reference_url https://github.com/openssl/openssl/commit/a2dbc539f0f9cc63832709fa5aa33ad9495eb19c
reference_id a2dbc539f0f9cc63832709fa5aa33ad9495eb19c
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-28T15:17:58Z/
url https://github.com/openssl/openssl/commit/a2dbc539f0f9cc63832709fa5aa33ad9495eb19c
11
reference_url https://access.redhat.com/errata/RHSA-2026:1472
reference_id RHSA-2026:1472
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1472
12
reference_url https://access.redhat.com/errata/RHSA-2026:1473
reference_id RHSA-2026:1473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1473
13
reference_url https://access.redhat.com/errata/RHSA-2026:1736
reference_id RHSA-2026:1736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1736
14
reference_url https://access.redhat.com/errata/RHSA-2026:2485
reference_id RHSA-2026:2485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2485
15
reference_url https://access.redhat.com/errata/RHSA-2026:2563
reference_id RHSA-2026:2563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2563
16
reference_url https://access.redhat.com/errata/RHSA-2026:3228
reference_id RHSA-2026:3228
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3228
17
reference_url https://access.redhat.com/errata/RHSA-2026:4943
reference_id RHSA-2026:4943
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4943
18
reference_url https://usn.ubuntu.com/7980-1/
reference_id USN-7980-1
reference_type
scores
url https://usn.ubuntu.com/7980-1/
19
reference_url https://usn.ubuntu.com/7980-2/
reference_id USN-7980-2
reference_type
scores
url https://usn.ubuntu.com/7980-2/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
aliases CVE-2025-69421
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w9yg-3dbq-8qge
20
url VCID-wuwm-ksb1-6qd5
vulnerability_id VCID-wuwm-ksb1-6qd5
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28390.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28390.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-28390
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08405
published_at 2026-04-08T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.08422
published_at 2026-04-09T12:55:00Z
2
value 0.00049
scoring_system epss
scoring_elements 0.15107
published_at 2026-04-12T12:55:00Z
3
value 0.00049
scoring_system epss
scoring_elements 0.15145
published_at 2026-04-11T12:55:00Z
4
value 0.00058
scoring_system epss
scoring_elements 0.18229
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-28390
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28390
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28390
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc
reference_id 01194a8f1941115cd0383bfa91c736dd3993c8bc
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/
url https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc
5
reference_url https://openssl-library.org/news/secadv/20260407.txt
reference_id 20260407.txt
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/
url https://openssl-library.org/news/secadv/20260407.txt
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456314
reference_id 2456314
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456314
7
reference_url https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6
reference_id 2e39b7a6993be445fddb9fbce316fa756e0397b6
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/
url https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6
8
reference_url https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4
reference_id af2a5fecd3e71a29e7568f9c1453dec5cebbaff4
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/
url https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4
9
reference_url https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788
reference_id ea7b4ea4f9f853521ba34830cbcadc970d2e0788
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/
url https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788
10
reference_url https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75
reference_id fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/
url https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75
11
reference_url https://usn.ubuntu.com/8155-1/
reference_id USN-8155-1
reference_type
scores
url https://usn.ubuntu.com/8155-1/
12
reference_url https://usn.ubuntu.com/8155-2/
reference_id USN-8155-2
reference_type
scores
url https://usn.ubuntu.com/8155-2/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
1
url pkg:deb/debian/openssl@3.6.2-1
purl pkg:deb/debian/openssl@3.6.2-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1
2
url pkg:deb/debian/openssl@4.0.0~alpha1-1
purl pkg:deb/debian/openssl@4.0.0~alpha1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@4.0.0~alpha1-1
aliases CVE-2026-28390
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wuwm-ksb1-6qd5
21
url VCID-zkc9-huk8-27bc
vulnerability_id VCID-zkc9-huk8-27bc
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28389.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28389.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-28389
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08405
published_at 2026-04-08T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.08422
published_at 2026-04-09T12:55:00Z
2
value 0.00049
scoring_system epss
scoring_elements 0.15107
published_at 2026-04-12T12:55:00Z
3
value 0.00049
scoring_system epss
scoring_elements 0.15145
published_at 2026-04-11T12:55:00Z
4
value 0.00058
scoring_system epss
scoring_elements 0.18229
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-28389
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28389
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28389
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/openssl/openssl/commit/16cea4188e0ea567deb4f93f85902247e67384f5
reference_id 16cea4188e0ea567deb4f93f85902247e67384f5
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/
url https://github.com/openssl/openssl/commit/16cea4188e0ea567deb4f93f85902247e67384f5
5
reference_url https://openssl-library.org/news/secadv/20260407.txt
reference_id 20260407.txt
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/
url https://openssl-library.org/news/secadv/20260407.txt
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451096
reference_id 2451096
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451096
7
reference_url https://github.com/openssl/openssl/commit/785cbf7ea3b5a6f5adf0c1ccb92b79d89c35c616
reference_id 785cbf7ea3b5a6f5adf0c1ccb92b79d89c35c616
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/
url https://github.com/openssl/openssl/commit/785cbf7ea3b5a6f5adf0c1ccb92b79d89c35c616
8
reference_url https://github.com/openssl/openssl/commit/7b5274e812400cacb6f3be4c2df5340923fa807f
reference_id 7b5274e812400cacb6f3be4c2df5340923fa807f
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/
url https://github.com/openssl/openssl/commit/7b5274e812400cacb6f3be4c2df5340923fa807f
9
reference_url https://github.com/openssl/openssl/commit/c6725634e089eb2b634b10ede33944be7248172a
reference_id c6725634e089eb2b634b10ede33944be7248172a
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/
url https://github.com/openssl/openssl/commit/c6725634e089eb2b634b10ede33944be7248172a
10
reference_url https://github.com/openssl/openssl/commit/f80f83bc5fd036bc47d773e8b15a001e2b4ce686
reference_id f80f83bc5fd036bc47d773e8b15a001e2b4ce686
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/
url https://github.com/openssl/openssl/commit/f80f83bc5fd036bc47d773e8b15a001e2b4ce686
11
reference_url https://usn.ubuntu.com/8155-1/
reference_id USN-8155-1
reference_type
scores
url https://usn.ubuntu.com/8155-1/
12
reference_url https://usn.ubuntu.com/8155-2/
reference_id USN-8155-2
reference_type
scores
url https://usn.ubuntu.com/8155-2/
fixed_packages
0
url pkg:deb/debian/openssl@3.0.14-1~deb12u1
purl pkg:deb/debian/openssl@3.0.14-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1
1
url pkg:deb/debian/openssl@3.6.2-1
purl pkg:deb/debian/openssl@3.6.2-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1
2
url pkg:deb/debian/openssl@4.0.0~alpha1-1
purl pkg:deb/debian/openssl@4.0.0~alpha1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@4.0.0~alpha1-1
aliases CVE-2026-28389
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zkc9-huk8-27bc
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1