{"url":"http://public2.vulnerablecode.io/api/packages/128477?format=json","purl":"pkg:rpm/redhat/openssl@0.9.8e-12?arch=el5","type":"rpm","namespace":"redhat","name":"openssl","version":"0.9.8e-12","qualifiers":{"arch":"el5"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61871?format=json","vulnerability_id":"VCID-cepc-ff12-syf7","summary":"Multiple vulnerabilities in OpenSSL might allow remote attackers to conduct\n    multiple attacks, including the injection of arbitrary data into encrypted\n    byte streams.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1379.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1379.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1379","reference_id":"","reference_type":"","scores":[{"value":"0.08556","scoring_system":"epss","scoring_elements":"0.92365","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08556","scoring_system":"epss","scoring_elements":"0.92372","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08556","scoring_system":"epss","scoring_elements":"0.92379","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08556","scoring_system":"epss","scoring_elements":"0.92382","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08556","scoring_system":"epss","scoring_elements":"0.92394","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08556","scoring_system":"epss","scoring_elements":"0.92399","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08556","scoring_system":"epss","scoring_elements":"0.92405","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08556","scoring_system":"epss","scoring_elements":"0.92407","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08556","scoring_system":"epss","scoring_elements":"0.92416","published_at":"2026-04-29T12:55:00Z"},{"value":"0.08556","scoring_system":"epss","scoring_elements":"0.92415","published_at":"2026-04-18T12:55:00Z"},{"value":"0.08556","scoring_system":"epss","scoring_elements":"0.92418","published_at":"2026-04-21T12:55:00Z"},{"value":"0.08556","scoring_system":"epss","scoring_elements":"0.92421","published_at":"2026-04-26T12:55:00Z"},{"value":"0.08556","scoring_system":"epss","scoring_elements":"0.92427","published_at":"2026-05-05T12:55:00Z"},{"value":"0.08556","scoring_system":"epss","scoring_elements":"0.92436","published_at":"2026-05-07T12:55:00Z"},{"value":"0.08556","scoring_system":"epss","scoring_elements":"0.92445","published_at":"2026-05-09T12:55:00Z"},{"value":"0.08556","scoring_system":"epss","scoring_elements":"0.92449","published_at":"2026-05-11T12:55:00Z"},{"value":"0.08556","scoring_system":"epss","scoring_elements":"0.92455","published_at":"2026-05-12T12:55:00Z"},{"value":"0.08556","scoring_system":"epss","scoring_elements":"0.92476","published_at":"2026-05-14T12:55:00Z"},{"value":"0.08556","scoring_system":"epss","scoring_elements":"0.92483","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1379"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=501572","reference_id":"501572","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=501572"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530400","reference_id":"530400","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530400"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8720.c","reference_id":"CVE-2009-1379;OSVDB-54614","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8720.c"},{"reference_url":"https://security.gentoo.org/glsa/200912-01","reference_id":"GLSA-200912-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200912-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1335","reference_id":"RHSA-2009:1335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1335"},{"reference_url":"https://usn.ubuntu.com/792-1/","reference_id":"USN-792-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/792-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1379"],"risk_score":0.2,"exploitability":"2.0","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cepc-ff12-syf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61869?format=json","vulnerability_id":"VCID-cj9q-gyca-4yca","summary":"Multiple vulnerabilities in OpenSSL might allow remote attackers to conduct\n    multiple attacks, including the injection of arbitrary data into encrypted\n    byte streams.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1377.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1377.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1377","reference_id":"","reference_type":"","scores":[{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86238","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86247","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86265","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86266","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86284","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86295","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86309","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86307","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86303","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86319","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86323","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86317","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86337","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86346","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86343","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86364","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86384","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86404","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.864","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86414","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.8645","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86459","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1377"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=501253","reference_id":"501253","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=501253"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530400","reference_id":"530400","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530400"},{"reference_url":"https://security.gentoo.org/glsa/200912-01","reference_id":"GLSA-200912-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200912-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1335","reference_id":"RHSA-2009:1335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1335"},{"reference_url":"https://usn.ubuntu.com/792-1/","reference_id":"USN-792-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/792-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1377"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cj9q-gyca-4yca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61870?format=json","vulnerability_id":"VCID-mdgj-8zzd-gfgw","summary":"Multiple vulnerabilities in OpenSSL might allow remote attackers to conduct\n    multiple attacks, including the injection of arbitrary data into encrypted\n    byte streams.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1378.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1378.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1378","reference_id":"","reference_type":"","scores":[{"value":"0.13245","scoring_system":"epss","scoring_elements":"0.94108","published_at":"2026-04-01T12:55:00Z"},{"value":"0.13245","scoring_system":"epss","scoring_elements":"0.94118","published_at":"2026-04-02T12:55:00Z"},{"value":"0.13245","scoring_system":"epss","scoring_elements":"0.9413","published_at":"2026-04-04T12:55:00Z"},{"value":"0.13245","scoring_system":"epss","scoring_elements":"0.94133","published_at":"2026-04-07T12:55:00Z"},{"value":"0.13245","scoring_system":"epss","scoring_elements":"0.94142","published_at":"2026-04-08T12:55:00Z"},{"value":"0.13245","scoring_system":"epss","scoring_elements":"0.94145","published_at":"2026-04-09T12:55:00Z"},{"value":"0.13245","scoring_system":"epss","scoring_elements":"0.9415","published_at":"2026-04-13T12:55:00Z"},{"value":"0.13245","scoring_system":"epss","scoring_elements":"0.94166","published_at":"2026-04-16T12:55:00Z"},{"value":"0.13245","scoring_system":"epss","scoring_elements":"0.9417","published_at":"2026-04-18T12:55:00Z"},{"value":"0.13245","scoring_system":"epss","scoring_elements":"0.94169","published_at":"2026-04-21T12:55:00Z"},{"value":"0.13245","scoring_system":"epss","scoring_elements":"0.94172","published_at":"2026-04-29T12:55:00Z"},{"value":"0.13245","scoring_system":"epss","scoring_elements":"0.94178","published_at":"2026-05-05T12:55:00Z"},{"value":"0.13245","scoring_system":"epss","scoring_elements":"0.9419","published_at":"2026-05-07T12:55:00Z"},{"value":"0.13245","scoring_system":"epss","scoring_elements":"0.94202","published_at":"2026-05-09T12:55:00Z"},{"value":"0.13245","scoring_system":"epss","scoring_elements":"0.94206","published_at":"2026-05-11T12:55:00Z"},{"value":"0.13245","scoring_system":"epss","scoring_elements":"0.94212","published_at":"2026-05-12T12:55:00Z"},{"value":"0.13245","scoring_system":"epss","scoring_elements":"0.94225","published_at":"2026-05-14T12:55:00Z"},{"value":"0.13245","scoring_system":"epss","scoring_elements":"0.94229","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=501254","reference_id":"501254","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=501254"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530400","reference_id":"530400","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530400"},{"reference_url":"https://security.gentoo.org/glsa/200912-01","reference_id":"GLSA-200912-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200912-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1335","reference_id":"RHSA-2009:1335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1335"},{"reference_url":"https://usn.ubuntu.com/792-1/","reference_id":"USN-792-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/792-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1378"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mdgj-8zzd-gfgw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88146?format=json","vulnerability_id":"VCID-nqt4-k72v-mqfn","summary":"openssl: DTLS NULL deref crash on early ChangeCipherSpec request","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1386.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1386.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1386","reference_id":"","reference_type":"","scores":[{"value":"0.47628","scoring_system":"epss","scoring_elements":"0.97683","published_at":"2026-04-01T12:55:00Z"},{"value":"0.47628","scoring_system":"epss","scoring_elements":"0.9769","published_at":"2026-04-02T12:55:00Z"},{"value":"0.47628","scoring_system":"epss","scoring_elements":"0.97691","published_at":"2026-04-07T12:55:00Z"},{"value":"0.47628","scoring_system":"epss","scoring_elements":"0.97696","published_at":"2026-04-08T12:55:00Z"},{"value":"0.47628","scoring_system":"epss","scoring_elements":"0.97699","published_at":"2026-04-09T12:55:00Z"},{"value":"0.47628","scoring_system":"epss","scoring_elements":"0.97701","published_at":"2026-04-11T12:55:00Z"},{"value":"0.47628","scoring_system":"epss","scoring_elements":"0.97704","published_at":"2026-04-12T12:55:00Z"},{"value":"0.47628","scoring_system":"epss","scoring_elements":"0.97705","published_at":"2026-04-13T12:55:00Z"},{"value":"0.47628","scoring_system":"epss","scoring_elements":"0.97711","published_at":"2026-04-16T12:55:00Z"},{"value":"0.47628","scoring_system":"epss","scoring_elements":"0.97714","published_at":"2026-04-24T12:55:00Z"},{"value":"0.47628","scoring_system":"epss","scoring_elements":"0.97715","published_at":"2026-04-26T12:55:00Z"},{"value":"0.47628","scoring_system":"epss","scoring_elements":"0.9772","published_at":"2026-04-29T12:55:00Z"},{"value":"0.47628","scoring_system":"epss","scoring_elements":"0.97723","published_at":"2026-05-05T12:55:00Z"},{"value":"0.47628","scoring_system":"epss","scoring_elements":"0.97725","published_at":"2026-05-07T12:55:00Z"},{"value":"0.47628","scoring_system":"epss","scoring_elements":"0.97727","published_at":"2026-05-11T12:55:00Z"},{"value":"0.47628","scoring_system":"epss","scoring_elements":"0.97731","published_at":"2026-05-12T12:55:00Z"},{"value":"0.47628","scoring_system":"epss","scoring_elements":"0.97739","published_at":"2026-05-14T12:55:00Z"},{"value":"0.47628","scoring_system":"epss","scoring_elements":"0.9774","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=503685","reference_id":"503685","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=503685"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=532037","reference_id":"532037","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=532037"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8873.c","reference_id":"OSVDB-55073;CVE-2009-1386","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8873.c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1335","reference_id":"RHSA-2009:1335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1335"},{"reference_url":"https://usn.ubuntu.com/792-1/","reference_id":"USN-792-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/792-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1386"],"risk_score":0.8,"exploitability":"2.0","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nqt4-k72v-mqfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51056?format=json","vulnerability_id":"VCID-rbqf-a1ce-kbf9","summary":"An error in OpenSSL might allow for a Denial of Service when printing\n    certificate details.","references":[{"reference_url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-008.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-008.txt.asc"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html"},{"reference_url":"http://lists.vmware.com/pipermail/security-announce/2010/000082.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.vmware.com/pipermail/security-announce/2010/000082.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=124464882609472&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=124464882609472&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=125017764422557&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=125017764422557&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=127678688104458&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=127678688104458&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0590.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0590.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0590","reference_id":"","reference_type":"","scores":[{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.93152","published_at":"2026-05-15T12:55:00Z"},{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.93031","published_at":"2026-04-01T12:55:00Z"},{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.93039","published_at":"2026-04-02T12:55:00Z"},{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.93043","published_at":"2026-04-07T12:55:00Z"},{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.93051","published_at":"2026-04-08T12:55:00Z"},{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.93056","published_at":"2026-04-09T12:55:00Z"},{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.93061","published_at":"2026-04-11T12:55:00Z"},{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.93059","published_at":"2026-04-12T12:55:00Z"},{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.9306","published_at":"2026-04-13T12:55:00Z"},{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.93071","published_at":"2026-04-16T12:55:00Z"},{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.93074","published_at":"2026-04-18T12:55:00Z"},{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.9308","published_at":"2026-04-21T12:55:00Z"},{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.93086","published_at":"2026-04-26T12:55:00Z"},{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.93082","published_at":"2026-04-29T12:55:00Z"},{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.9309","published_at":"2026-05-05T12:55:00Z"},{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.93104","published_at":"2026-05-07T12:55:00Z"},{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.93115","published_at":"2026-05-09T12:55:00Z"},{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.93118","published_at":"2026-05-11T12:55:00Z"},{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.93125","published_at":"2026-05-12T12:55:00Z"},{"value":"0.10016","scoring_system":"epss","scoring_elements":"0.93146","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0590"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590"},{"reference_url":"http://secunia.com/advisories/34411","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34411"},{"reference_url":"http://secunia.com/advisories/34460","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34460"},{"reference_url":"http://secunia.com/advisories/34509","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34509"},{"reference_url":"http://secunia.com/advisories/34561","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34561"},{"reference_url":"http://secunia.com/advisories/34666","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34666"},{"reference_url":"http://secunia.com/advisories/34896","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34896"},{"reference_url":"http://secunia.com/advisories/34960","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34960"},{"reference_url":"http://secunia.com/advisories/35065","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35065"},{"reference_url":"http://secunia.com/advisories/35181","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35181"},{"reference_url":"http://secunia.com/advisories/35380","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35380"},{"reference_url":"http://secunia.com/advisories/35729","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35729"},{"reference_url":"http://secunia.com/advisories/36533","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/36533"},{"reference_url":"http://secunia.com/advisories/36701","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/36701"},{"reference_url":"http://secunia.com/advisories/38794","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/38794"},{"reference_url":"http://secunia.com/advisories/38834","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/38834"},{"reference_url":"http://secunia.com/advisories/42467","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42467"},{"reference_url":"http://secunia.com/advisories/42724","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42724"},{"reference_url":"http://secunia.com/advisories/42733","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42733"},{"reference_url":"http://security.FreeBSD.org/advisories/FreeBSD-SA-09:08.openssl.asc","reference_id":"","reference_type":"","scores":[],"url":"http://security.FreeBSD.org/advisories/FreeBSD-SA-09:08.openssl.asc"},{"reference_url":"http://securitytracker.com/id?1021905","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1021905"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/49431","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/49431"},{"reference_url":"https://kb.bluecoat.com/index?page=content&id=SA50","reference_id":"","reference_type":"","scores":[],"url":"https://kb.bluecoat.com/index?page=content&id=SA50"},{"reference_url":"https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html"},{"reference_url":"https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html"},{"reference_url":"http://sourceforge.net/project/shownotes.php?release_id=671059&group_id=116847","reference_id":"","reference_type":"","scores":[],"url":"http://sourceforge.net/project/shownotes.php?release_id=671059&group_id=116847"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10198","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10198"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6996","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6996"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-258048-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-258048-1"},{"reference_url":"http://support.apple.com/kb/HT3865","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3865"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2009-172.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2009-172.htm"},{"reference_url":"http://voodoo-circle.sourceforge.net/sa/sa-20090326-01.html","reference_id":"","reference_type":"","scores":[],"url":"http://voodoo-circle.sourceforge.net/sa/sa-20090326-01.html"},{"reference_url":"http://wiki.rpath.com/Advisories:rPSA-2009-0057","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/Advisories:rPSA-2009-0057"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0057","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0057"},{"reference_url":"http://www.debian.org/security/2009/dsa-1763","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2009/dsa-1763"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:087","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:087"},{"reference_url":"http://www.openssl.org/news/secadv_20090325.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.openssl.org/news/secadv_20090325.txt"},{"reference_url":"http://www.osvdb.org/52864","reference_id":"","reference_type":"","scores":[],"url":"http://www.osvdb.org/52864"},{"reference_url":"http://www.php.net/archive/2009.php#id2009-04-08-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.php.net/archive/2009.php#id2009-04-08-1"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2009-1335.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2009-1335.html"},{"reference_url":"http://www.securityfocus.com/archive/1/502429/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/502429/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/515055/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/515055/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/34256","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/34256"},{"reference_url":"http://www.ubuntu.com/usn/usn-750-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-750-1"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2010-0019.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.vmware.com/security/advisories/VMSA-2010-0019.html"},{"reference_url":"http://www.vupen.com/english/advisories/2009/0850","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/0850"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1020","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1020"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1175","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1175"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1220","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1220"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1548","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1548"},{"reference_url":"http://www.vupen.com/english/advisories/2010/0528","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/0528"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3126","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/3126"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=492304","reference_id":"492304","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=492304"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522002","reference_id":"522002","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522002"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0590","reference_id":"CVE-2009-0590","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0590"},{"reference_url":"https://security.gentoo.org/glsa/200904-08","reference_id":"GLSA-200904-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200904-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1335","reference_id":"RHSA-2009:1335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1335"},{"reference_url":"https://usn.ubuntu.com/750-1/","reference_id":"USN-750-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/750-1/"}],"fixed_packages":[],"aliases":["CVE-2009-0590"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rbqf-a1ce-kbf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61872?format=json","vulnerability_id":"VCID-rkj9-zbcz-qkec","summary":"Multiple vulnerabilities in OpenSSL might allow remote attackers to conduct\n    multiple attacks, including the injection of arbitrary data into encrypted\n    byte streams.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1387.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1387","reference_id":"","reference_type":"","scores":[{"value":"0.13464","scoring_system":"epss","scoring_elements":"0.94165","published_at":"2026-04-01T12:55:00Z"},{"value":"0.13464","scoring_system":"epss","scoring_elements":"0.94174","published_at":"2026-04-02T12:55:00Z"},{"value":"0.13464","scoring_system":"epss","scoring_elements":"0.94186","published_at":"2026-04-04T12:55:00Z"},{"value":"0.13464","scoring_system":"epss","scoring_elements":"0.94188","published_at":"2026-04-07T12:55:00Z"},{"value":"0.13464","scoring_system":"epss","scoring_elements":"0.94197","published_at":"2026-04-08T12:55:00Z"},{"value":"0.13464","scoring_system":"epss","scoring_elements":"0.94201","published_at":"2026-04-09T12:55:00Z"},{"value":"0.13464","scoring_system":"epss","scoring_elements":"0.94206","published_at":"2026-04-11T12:55:00Z"},{"value":"0.13464","scoring_system":"epss","scoring_elements":"0.94207","published_at":"2026-04-13T12:55:00Z"},{"value":"0.13464","scoring_system":"epss","scoring_elements":"0.94222","published_at":"2026-04-16T12:55:00Z"},{"value":"0.13464","scoring_system":"epss","scoring_elements":"0.94228","published_at":"2026-04-21T12:55:00Z"},{"value":"0.13464","scoring_system":"epss","scoring_elements":"0.94231","published_at":"2026-04-29T12:55:00Z"},{"value":"0.13464","scoring_system":"epss","scoring_elements":"0.9423","published_at":"2026-04-26T12:55:00Z"},{"value":"0.13464","scoring_system":"epss","scoring_elements":"0.94235","published_at":"2026-05-05T12:55:00Z"},{"value":"0.13464","scoring_system":"epss","scoring_elements":"0.94246","published_at":"2026-05-07T12:55:00Z"},{"value":"0.13464","scoring_system":"epss","scoring_elements":"0.94257","published_at":"2026-05-09T12:55:00Z"},{"value":"0.13464","scoring_system":"epss","scoring_elements":"0.94263","published_at":"2026-05-11T12:55:00Z"},{"value":"0.13464","scoring_system":"epss","scoring_elements":"0.94269","published_at":"2026-05-12T12:55:00Z"},{"value":"0.13464","scoring_system":"epss","scoring_elements":"0.94283","published_at":"2026-05-14T12:55:00Z"},{"value":"0.13464","scoring_system":"epss","scoring_elements":"0.94286","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1387"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=503688","reference_id":"503688","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=503688"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=532037","reference_id":"532037","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=532037"},{"reference_url":"https://security.gentoo.org/glsa/200912-01","reference_id":"GLSA-200912-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200912-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1335","reference_id":"RHSA-2009:1335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1335"},{"reference_url":"https://usn.ubuntu.com/792-1/","reference_id":"USN-792-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/792-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1387"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rkj9-zbcz-qkec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56547?format=json","vulnerability_id":"VCID-zah1-wsjc-8kdm","summary":"Multiple vulnerabilities have been found in OpenSSL allowing remote\n    attackers to determine private keys or cause a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-7250.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-7250.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-7250","reference_id":"","reference_type":"","scores":[{"value":"0.01407","scoring_system":"epss","scoring_elements":"0.80421","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01407","scoring_system":"epss","scoring_elements":"0.80427","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01407","scoring_system":"epss","scoring_elements":"0.80448","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01407","scoring_system":"epss","scoring_elements":"0.80438","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01407","scoring_system":"epss","scoring_elements":"0.80467","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01407","scoring_system":"epss","scoring_elements":"0.80477","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01407","scoring_system":"epss","scoring_elements":"0.80496","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01998","scoring_system":"epss","scoring_elements":"0.83652","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01998","scoring_system":"epss","scoring_elements":"0.83648","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01998","scoring_system":"epss","scoring_elements":"0.83682","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01998","scoring_system":"epss","scoring_elements":"0.83683","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01998","scoring_system":"epss","scoring_elements":"0.83708","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01998","scoring_system":"epss","scoring_elements":"0.83715","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01998","scoring_system":"epss","scoring_elements":"0.83721","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01998","scoring_system":"epss","scoring_elements":"0.83744","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01998","scoring_system":"epss","scoring_elements":"0.83764","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01998","scoring_system":"epss","scoring_elements":"0.83781","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01998","scoring_system":"epss","scoring_elements":"0.83796","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01998","scoring_system":"epss","scoring_elements":"0.83831","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01998","scoring_system":"epss","scoring_elements":"0.83841","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-7250"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7250","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7250"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=798100","reference_id":"798100","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=798100"},{"reference_url":"https://security.gentoo.org/glsa/201312-03","reference_id":"GLSA-201312-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201312-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1335","reference_id":"RHSA-2009:1335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1335"},{"reference_url":"https://usn.ubuntu.com/1424-1/","reference_id":"USN-1424-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1424-1/"}],"fixed_packages":[],"aliases":["CVE-2006-7250"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zah1-wsjc-8kdm"}],"fixing_vulnerabilities":[],"risk_score":"2.2","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openssl@0.9.8e-12%3Farch=el5"}