Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/openssl@3.5.6-r0?arch=riscv64&distroversion=edge&reponame=main

Type apk

Namespace alpine

Name openssl

Version 3.5.6-r0

Qualifiers

arch	riscv64
distroversion	edge
reponame	main

Subpath

Is_vulnerable false

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-7f9q-mhsr-8bfq

vulnerability_id VCID-7f9q-mhsr-8bfq

summary openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2673.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2673.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-2673

reference_id

reference_type

scores

value	0.00045
scoring_system	epss
scoring_elements	0.13801
published_at	2026-04-02T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13672
published_at	2026-04-13T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13857
published_at	2026-04-04T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13657
published_at	2026-04-07T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.1374
published_at	2026-04-08T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.1379
published_at	2026-04-09T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13759
published_at	2026-04-11T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13722
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-2673

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130650
reference_id	1130650
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130650

reference_url

https://openssl-library.org/news/secadv/20260313.txt

reference_id

20260313.txt

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:17:17Z/

url

https://openssl-library.org/news/secadv/20260313.txt

reference_url

https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f

reference_id

2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:17:17Z/

url

https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2447327
reference_id	2447327
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2447327

reference_url

https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34

reference_id

85977e013f32ceb96aa034c0e741adddc1a05e34

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:17:17Z/

url

https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34

reference_url	https://usn.ubuntu.com/8155-1/
reference_id	USN-8155-1
reference_type
scores
url	https://usn.ubuntu.com/8155-1/

fixed_packages

url	pkg:apk/alpine/openssl@3.5.6-r0?arch=riscv64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/openssl@3.5.6-r0?arch=riscv64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=riscv64&distroversion=edge&reponame=main

aliases CVE-2026-2673

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7f9q-mhsr-8bfq

url VCID-87vs-4p6w-xbgq

vulnerability_id VCID-87vs-4p6w-xbgq

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31789.json

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31789.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-31789

reference_id

reference_type

scores

value	0.00011
scoring_system	epss
scoring_elements	0.01203
published_at	2026-04-08T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01206
published_at	2026-04-09T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.0157
published_at	2026-04-13T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00889
published_at	2026-04-11T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00883
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-31789

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31789
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31789

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://openssl-library.org/news/secadv/20260407.txt

reference_id

20260407.txt

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/

url

https://openssl-library.org/news/secadv/20260407.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2451095
reference_id	2451095
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2451095

reference_url

https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde

reference_id

364f095b80601db632b0def6a33316967f863bde

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/

url

https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde

reference_url

https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf

reference_id

7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/

url

https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf

reference_url

https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49

reference_id

945b935ac66cc7f1a41f1b849c7c25adb5351f49

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/

url

https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49

reference_url

https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9

reference_id

a24216018e1ede8ff01a4ff5afff7dfbd443e2f9

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/

url

https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9

reference_url

https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521

reference_id

a91e537d16d74050dbde50bb0dfb1fe9930f0521

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/

url

https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521

reference_url	https://usn.ubuntu.com/8155-1/
reference_id	USN-8155-1
reference_type
scores
url	https://usn.ubuntu.com/8155-1/

fixed_packages

url	pkg:apk/alpine/openssl@3.5.6-r0?arch=riscv64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/openssl@3.5.6-r0?arch=riscv64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=riscv64&distroversion=edge&reponame=main

aliases CVE-2026-31789

risk_score 1.8

exploitability 0.5

weighted_severity 3.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-87vs-4p6w-xbgq

url VCID-cef8-2p5t-bff7

vulnerability_id VCID-cef8-2p5t-bff7

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31790.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31790.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-31790

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.01498
published_at	2026-04-08T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04587
published_at	2026-04-12T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04603
published_at	2026-04-11T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.0568
published_at	2026-04-09T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06358
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-31790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31790

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac

reference_id

001e01db3e996e13ffc72386fe79d03a6683b5ac

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/

url

https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac

reference_url

https://openssl-library.org/news/secadv/20260407.txt

reference_id

20260407.txt

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/

url

https://openssl-library.org/news/secadv/20260407.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2451094
reference_id	2451094
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2451094

reference_url

https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482

reference_id

abd8b2eec7e3f3fda60ecfb68498b246b52af482

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/

url

https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482

reference_url

https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406

reference_id

b922e24e5b23ffb9cb9e14cadff23d91e9f7e406

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/

url

https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406

reference_url

https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790

reference_id

d5f8e71cd0a54e961d0c3b174348f8308486f790

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/

url

https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790

reference_url

https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e

reference_id

eed200f58cd8645ed77e46b7e9f764e284df379e

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/

url

https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e

reference_url	https://usn.ubuntu.com/8155-1/
reference_id	USN-8155-1
reference_type
scores
url	https://usn.ubuntu.com/8155-1/

fixed_packages

url	pkg:apk/alpine/openssl@3.5.6-r0?arch=riscv64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/openssl@3.5.6-r0?arch=riscv64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=riscv64&distroversion=edge&reponame=main

aliases CVE-2026-31790

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cef8-2p5t-bff7

url VCID-f2na-rtsu-ffad

vulnerability_id VCID-f2na-rtsu-ffad

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28387.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28387.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-28387

reference_id

reference_type

scores

value	0.00017
scoring_system	epss
scoring_elements	0.04327
published_at	2026-04-11T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.04313
published_at	2026-04-12T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05464
published_at	2026-04-08T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05485
published_at	2026-04-09T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05579
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-28387

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28387
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28387

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/openssl/openssl/commit/07e727d304746edb49a98ee8f6ab00256e1f012b

reference_id

07e727d304746edb49a98ee8f6ab00256e1f012b

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/

url

https://github.com/openssl/openssl/commit/07e727d304746edb49a98ee8f6ab00256e1f012b

reference_url

https://openssl-library.org/news/secadv/20260407.txt

reference_id

20260407.txt

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/

url

https://openssl-library.org/news/secadv/20260407.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2451098
reference_id	2451098
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2451098

reference_url

https://github.com/openssl/openssl/commit/258a8f63b26995ba357f4326da00e19e29c6acbe

reference_id

258a8f63b26995ba357f4326da00e19e29c6acbe

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/

url

https://github.com/openssl/openssl/commit/258a8f63b26995ba357f4326da00e19e29c6acbe

reference_url

https://github.com/openssl/openssl/commit/444958deaf450aea819171f97ae69eaedede42c3

reference_id

444958deaf450aea819171f97ae69eaedede42c3

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/

url

https://github.com/openssl/openssl/commit/444958deaf450aea819171f97ae69eaedede42c3

reference_url

https://github.com/openssl/openssl/commit/7a4e08cee62a728d32e60b0de89e6764339df0a7

reference_id

7a4e08cee62a728d32e60b0de89e6764339df0a7

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/

url

https://github.com/openssl/openssl/commit/7a4e08cee62a728d32e60b0de89e6764339df0a7

reference_url

https://github.com/openssl/openssl/commit/ec03fa050b3346997ed9c5fef3d0e16ad7db8177

reference_id

ec03fa050b3346997ed9c5fef3d0e16ad7db8177

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/

url

https://github.com/openssl/openssl/commit/ec03fa050b3346997ed9c5fef3d0e16ad7db8177

reference_url	https://usn.ubuntu.com/8155-1/
reference_id	USN-8155-1
reference_type
scores
url	https://usn.ubuntu.com/8155-1/

reference_url	https://usn.ubuntu.com/8155-2/
reference_id	USN-8155-2
reference_type
scores
url	https://usn.ubuntu.com/8155-2/

fixed_packages

url	pkg:apk/alpine/openssl@3.5.6-r0?arch=riscv64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/openssl@3.5.6-r0?arch=riscv64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=riscv64&distroversion=edge&reponame=main

aliases CVE-2026-28387

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f2na-rtsu-ffad

url VCID-hgvf-vxhr-cye8

vulnerability_id VCID-hgvf-vxhr-cye8

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28388.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28388.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-28388

reference_id

reference_type

scores

value	0.00011
scoring_system	epss
scoring_elements	0.01419
published_at	2026-04-09T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01418
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06151
published_at	2026-04-12T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06156
published_at	2026-04-11T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08551
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-28388

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28388
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28388

reference_url

https://openssl-library.org/news/secadv/20260407.txt

reference_id

20260407.txt

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/

url

https://openssl-library.org/news/secadv/20260407.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2451097
reference_id	2451097
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2451097

reference_url

https://github.com/openssl/openssl/commit/59c3b3158553ab53275bbbccca5cb305d591cf2e

reference_id

59c3b3158553ab53275bbbccca5cb305d591cf2e

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/

url

https://github.com/openssl/openssl/commit/59c3b3158553ab53275bbbccca5cb305d591cf2e

reference_url

https://github.com/openssl/openssl/commit/5a0b4930779cd2408880979db765db919da55139

reference_id

5a0b4930779cd2408880979db765db919da55139

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/

url

https://github.com/openssl/openssl/commit/5a0b4930779cd2408880979db765db919da55139

reference_url

https://github.com/openssl/openssl/commit/602542f2c0c2d5edb47128f93eac10b62aeeefb3

reference_id

602542f2c0c2d5edb47128f93eac10b62aeeefb3

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/

url

https://github.com/openssl/openssl/commit/602542f2c0c2d5edb47128f93eac10b62aeeefb3

reference_url

https://github.com/openssl/openssl/commit/a9d187dd1000130100fa7ab915f8513532cb3bb8

reference_id

a9d187dd1000130100fa7ab915f8513532cb3bb8

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/

url

https://github.com/openssl/openssl/commit/a9d187dd1000130100fa7ab915f8513532cb3bb8

reference_url

https://github.com/openssl/openssl/commit/d3a901e8d9f021f3e67d6cfbc12e768129862726

reference_id

d3a901e8d9f021f3e67d6cfbc12e768129862726

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/

url

https://github.com/openssl/openssl/commit/d3a901e8d9f021f3e67d6cfbc12e768129862726

reference_url	https://usn.ubuntu.com/8155-1/
reference_id	USN-8155-1
reference_type
scores
url	https://usn.ubuntu.com/8155-1/

reference_url	https://usn.ubuntu.com/8155-2/
reference_id	USN-8155-2
reference_type
scores
url	https://usn.ubuntu.com/8155-2/

fixed_packages

url	pkg:apk/alpine/openssl@3.5.6-r0?arch=riscv64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/openssl@3.5.6-r0?arch=riscv64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=riscv64&distroversion=edge&reponame=main

aliases CVE-2026-28388

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hgvf-vxhr-cye8

url VCID-wuwm-ksb1-6qd5

vulnerability_id VCID-wuwm-ksb1-6qd5

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28390.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28390.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-28390

reference_id

reference_type

scores

value	0.00029
scoring_system	epss
scoring_elements	0.08405
published_at	2026-04-08T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08422
published_at	2026-04-09T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15107
published_at	2026-04-12T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15145
published_at	2026-04-11T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18229
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-28390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28390

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc

reference_id

01194a8f1941115cd0383bfa91c736dd3993c8bc

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/

url

https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc

reference_url

https://openssl-library.org/news/secadv/20260407.txt

reference_id

20260407.txt

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/

url

https://openssl-library.org/news/secadv/20260407.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2456314
reference_id	2456314
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2456314

reference_url

https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6

reference_id

2e39b7a6993be445fddb9fbce316fa756e0397b6

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/

url

https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6

reference_url

https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4

reference_id

af2a5fecd3e71a29e7568f9c1453dec5cebbaff4

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/

url

https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4

reference_url

https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788

reference_id

ea7b4ea4f9f853521ba34830cbcadc970d2e0788

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/

url

https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788

reference_url

https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75

reference_id

fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/

url

https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75

reference_url	https://usn.ubuntu.com/8155-1/
reference_id	USN-8155-1
reference_type
scores
url	https://usn.ubuntu.com/8155-1/

reference_url	https://usn.ubuntu.com/8155-2/
reference_id	USN-8155-2
reference_type
scores
url	https://usn.ubuntu.com/8155-2/

fixed_packages

url	pkg:apk/alpine/openssl@3.5.6-r0?arch=riscv64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/openssl@3.5.6-r0?arch=riscv64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=riscv64&distroversion=edge&reponame=main

aliases CVE-2026-28390

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wuwm-ksb1-6qd5

url VCID-zkc9-huk8-27bc

vulnerability_id VCID-zkc9-huk8-27bc

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28389.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28389.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-28389

reference_id

reference_type

scores

value	0.00029
scoring_system	epss
scoring_elements	0.08405
published_at	2026-04-08T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08422
published_at	2026-04-09T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15107
published_at	2026-04-12T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15145
published_at	2026-04-11T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18229
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-28389

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28389
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28389

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/openssl/openssl/commit/16cea4188e0ea567deb4f93f85902247e67384f5

reference_id

16cea4188e0ea567deb4f93f85902247e67384f5

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/

url

https://github.com/openssl/openssl/commit/16cea4188e0ea567deb4f93f85902247e67384f5

reference_url

https://openssl-library.org/news/secadv/20260407.txt

reference_id

20260407.txt

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/

url

https://openssl-library.org/news/secadv/20260407.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2451096
reference_id	2451096
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2451096

reference_url

https://github.com/openssl/openssl/commit/785cbf7ea3b5a6f5adf0c1ccb92b79d89c35c616

reference_id

785cbf7ea3b5a6f5adf0c1ccb92b79d89c35c616

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/

url

https://github.com/openssl/openssl/commit/785cbf7ea3b5a6f5adf0c1ccb92b79d89c35c616

reference_url

https://github.com/openssl/openssl/commit/7b5274e812400cacb6f3be4c2df5340923fa807f

reference_id

7b5274e812400cacb6f3be4c2df5340923fa807f

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/

url

https://github.com/openssl/openssl/commit/7b5274e812400cacb6f3be4c2df5340923fa807f

reference_url

https://github.com/openssl/openssl/commit/c6725634e089eb2b634b10ede33944be7248172a

reference_id

c6725634e089eb2b634b10ede33944be7248172a

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/

url

https://github.com/openssl/openssl/commit/c6725634e089eb2b634b10ede33944be7248172a

reference_url

https://github.com/openssl/openssl/commit/f80f83bc5fd036bc47d773e8b15a001e2b4ce686

reference_id

f80f83bc5fd036bc47d773e8b15a001e2b4ce686

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/

url

https://github.com/openssl/openssl/commit/f80f83bc5fd036bc47d773e8b15a001e2b4ce686

reference_url	https://usn.ubuntu.com/8155-1/
reference_id	USN-8155-1
reference_type
scores
url	https://usn.ubuntu.com/8155-1/

reference_url	https://usn.ubuntu.com/8155-2/
reference_id	USN-8155-2
reference_type
scores
url	https://usn.ubuntu.com/8155-2/

fixed_packages

url	pkg:apk/alpine/openssl@3.5.6-r0?arch=riscv64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/openssl@3.5.6-r0?arch=riscv64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=riscv64&distroversion=edge&reponame=main

aliases CVE-2026-28389

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zkc9-huk8-27bc

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=riscv64&distroversion=edge&reponame=main

Package Instance