Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/stunnel4@3:5.78-2?distro=trixie
Typedeb
Namespacedebian
Namestunnel4
Version3:5.78-2
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-28d1-mcra-hqhu
vulnerability_id VCID-28d1-mcra-hqhu
summary stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1563.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1563.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-1563
reference_id
reference_type
scores
0
value 0.00083
scoring_system epss
scoring_elements 0.24287
published_at 2026-06-04T12:55:00Z
1
value 0.00083
scoring_system epss
scoring_elements 0.24387
published_at 2026-06-05T12:55:00Z
2
value 0.00083
scoring_system epss
scoring_elements 0.24368
published_at 2026-06-06T12:55:00Z
3
value 0.00083
scoring_system epss
scoring_elements 0.24313
published_at 2026-06-07T12:55:00Z
4
value 0.00083
scoring_system epss
scoring_elements 0.24253
published_at 2026-06-08T12:55:00Z
5
value 0.00083
scoring_system epss
scoring_elements 0.24261
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-1563
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1563
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1563
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1616922
reference_id 1616922
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1616922
4
reference_url https://access.redhat.com/errata/RHSA-2003:221
reference_id RHSA-2003:221
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:221
5
reference_url https://access.redhat.com/errata/RHSA-2003:223
reference_id RHSA-2003:223
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:223
6
reference_url https://access.redhat.com/errata/RHSA-2003:296
reference_id RHSA-2003:296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:296
fixed_packages
0
url pkg:deb/debian/stunnel4@4.04-1?distro=trixie
purl pkg:deb/debian/stunnel4@4.04-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@4.04-1%3Fdistro=trixie
1
url pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-10?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.56%252Bdfsg-10%3Fdistro=trixie
2
url pkg:deb/debian/stunnel4@3:5.68-2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.68-2%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.68-2%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/stunnel4@3:5.74-2?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.74-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.74-2%3Fdistro=trixie
4
url pkg:deb/debian/stunnel4@3:5.78-2?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.78-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.78-2%3Fdistro=trixie
aliases CVE-2002-1563
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-28d1-mcra-hqhu
1
url VCID-2gde-8w7w-2ugw
vulnerability_id VCID-2gde-8w7w-2ugw
summary A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, which is not the one accepted by the stunnel server, to access the tunneled service instead of being redirected to the address specified in the redirect option. The highest threat from this vulnerability is to confidentiality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20230.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20230.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20230
reference_id
reference_type
scores
0
value 0.00209
scoring_system epss
scoring_elements 0.433
published_at 2026-06-04T12:55:00Z
1
value 0.00209
scoring_system epss
scoring_elements 0.43373
published_at 2026-06-05T12:55:00Z
2
value 0.00209
scoring_system epss
scoring_elements 0.43383
published_at 2026-06-06T12:55:00Z
3
value 0.00209
scoring_system epss
scoring_elements 0.43358
published_at 2026-06-07T12:55:00Z
4
value 0.00209
scoring_system epss
scoring_elements 0.43324
published_at 2026-06-08T12:55:00Z
5
value 0.00209
scoring_system epss
scoring_elements 0.43333
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20230
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20230
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20230
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1925226
reference_id 1925226
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1925226
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982578
reference_id 982578
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982578
6
reference_url https://security.gentoo.org/glsa/202105-02
reference_id GLSA-202105-02
reference_type
scores
url https://security.gentoo.org/glsa/202105-02
7
reference_url https://access.redhat.com/errata/RHSA-2021:0618
reference_id RHSA-2021:0618
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0618
8
reference_url https://access.redhat.com/errata/RHSA-2021:0619
reference_id RHSA-2021:0619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0619
9
reference_url https://access.redhat.com/errata/RHSA-2021:0620
reference_id RHSA-2021:0620
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0620
10
reference_url https://usn.ubuntu.com/6901-1/
reference_id USN-6901-1
reference_type
scores
url https://usn.ubuntu.com/6901-1/
fixed_packages
0
url pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-8?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.56%252Bdfsg-8%3Fdistro=trixie
1
url pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-10?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.56%252Bdfsg-10%3Fdistro=trixie
2
url pkg:deb/debian/stunnel4@3:5.68-2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.68-2%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.68-2%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/stunnel4@3:5.74-2?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.74-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.74-2%3Fdistro=trixie
4
url pkg:deb/debian/stunnel4@3:5.78-2?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.78-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.78-2%3Fdistro=trixie
aliases CVE-2021-20230
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2gde-8w7w-2ugw
2
url VCID-2zcy-1bz6-83a6
vulnerability_id VCID-2zcy-1bz6-83a6
summary stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to use the same entropy pool and allows remote attackers to obtain private keys for EC (ECDSA) or DSA certificates.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0016.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0016.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0016
reference_id
reference_type
scores
0
value 0.00312
scoring_system epss
scoring_elements 0.54686
published_at 2026-06-04T12:55:00Z
1
value 0.00312
scoring_system epss
scoring_elements 0.54744
published_at 2026-06-05T12:55:00Z
2
value 0.00312
scoring_system epss
scoring_elements 0.54754
published_at 2026-06-06T12:55:00Z
3
value 0.00312
scoring_system epss
scoring_elements 0.54748
published_at 2026-06-09T12:55:00Z
4
value 0.00312
scoring_system epss
scoring_elements 0.54728
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0016
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1072180
reference_id 1072180
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1072180
3
reference_url https://security.gentoo.org/glsa/201408-14
reference_id GLSA-201408-14
reference_type
scores
url https://security.gentoo.org/glsa/201408-14
fixed_packages
0
url pkg:deb/debian/stunnel4@0?distro=trixie
purl pkg:deb/debian/stunnel4@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@0%3Fdistro=trixie
1
url pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-10?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.56%252Bdfsg-10%3Fdistro=trixie
2
url pkg:deb/debian/stunnel4@3:5.68-2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.68-2%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.68-2%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/stunnel4@3:5.74-2?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.74-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.74-2%3Fdistro=trixie
4
url pkg:deb/debian/stunnel4@3:5.78-2?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.78-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.78-2%3Fdistro=trixie
aliases CVE-2014-0016
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2zcy-1bz6-83a6
3
url VCID-58g8-3jc7-dua2
vulnerability_id VCID-58g8-3jc7-dua2
summary The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2420.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2420.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-2420
reference_id
reference_type
scores
0
value 0.00488
scoring_system epss
scoring_elements 0.65802
published_at 2026-06-04T12:55:00Z
1
value 0.00488
scoring_system epss
scoring_elements 0.65855
published_at 2026-06-05T12:55:00Z
2
value 0.00488
scoring_system epss
scoring_elements 0.65867
published_at 2026-06-06T12:55:00Z
3
value 0.00488
scoring_system epss
scoring_elements 0.65853
published_at 2026-06-07T12:55:00Z
4
value 0.00488
scoring_system epss
scoring_elements 0.65842
published_at 2026-06-08T12:55:00Z
5
value 0.00488
scoring_system epss
scoring_elements 0.65861
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-2420
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2420
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2420
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=448290
reference_id 448290
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=448290
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482644
reference_id 482644
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482644
5
reference_url https://security.gentoo.org/glsa/200808-08
reference_id GLSA-200808-08
reference_type
scores
url https://security.gentoo.org/glsa/200808-08
fixed_packages
0
url pkg:deb/debian/stunnel4@3:4.22-1.1?distro=trixie
purl pkg:deb/debian/stunnel4@3:4.22-1.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:4.22-1.1%3Fdistro=trixie
1
url pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-10?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.56%252Bdfsg-10%3Fdistro=trixie
2
url pkg:deb/debian/stunnel4@3:5.68-2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.68-2%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.68-2%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/stunnel4@3:5.74-2?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.74-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.74-2%3Fdistro=trixie
4
url pkg:deb/debian/stunnel4@3:5.78-2?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.78-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.78-2%3Fdistro=trixie
aliases CVE-2008-2420
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-58g8-3jc7-dua2
4
url VCID-8ewv-qgkf-4kfc
vulnerability_id VCID-8ewv-qgkf-4kfc
summary Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3644.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3644.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3644
reference_id
reference_type
scores
0
value 0.00248
scoring_system epss
scoring_elements 0.48355
published_at 2026-06-06T12:55:00Z
1
value 0.00248
scoring_system epss
scoring_elements 0.4832
published_at 2026-06-09T12:55:00Z
2
value 0.00248
scoring_system epss
scoring_elements 0.48352
published_at 2026-06-05T12:55:00Z
3
value 0.00248
scoring_system epss
scoring_elements 0.48289
published_at 2026-06-04T12:55:00Z
4
value 0.00248
scoring_system epss
scoring_elements 0.48336
published_at 2026-06-07T12:55:00Z
5
value 0.00248
scoring_system epss
scoring_elements 0.48307
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3644
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3644
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3644
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1221673
reference_id 1221673
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1221673
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785352
reference_id 785352
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785352
fixed_packages
0
url pkg:deb/debian/stunnel4@3:5.18-1?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.18-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.18-1%3Fdistro=trixie
1
url pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-10?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.56%252Bdfsg-10%3Fdistro=trixie
2
url pkg:deb/debian/stunnel4@3:5.68-2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.68-2%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.68-2%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/stunnel4@3:5.74-2?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.74-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.74-2%3Fdistro=trixie
4
url pkg:deb/debian/stunnel4@3:5.78-2?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.78-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.78-2%3Fdistro=trixie
aliases CVE-2015-3644
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8ewv-qgkf-4kfc
5
url VCID-b6a6-yqv3-6fbn
vulnerability_id VCID-b6a6-yqv3-6fbn
summary Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-2400
reference_id
reference_type
scores
0
value 0.00051
scoring_system epss
scoring_elements 0.16391
published_at 2026-06-04T12:55:00Z
1
value 0.00051
scoring_system epss
scoring_elements 0.16472
published_at 2026-06-05T12:55:00Z
2
value 0.00051
scoring_system epss
scoring_elements 0.1647
published_at 2026-06-06T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.16427
published_at 2026-06-07T12:55:00Z
4
value 0.00051
scoring_system epss
scoring_elements 0.16346
published_at 2026-06-08T12:55:00Z
5
value 0.00051
scoring_system epss
scoring_elements 0.16365
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-2400
fixed_packages
0
url pkg:deb/debian/stunnel4@0?distro=trixie
purl pkg:deb/debian/stunnel4@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@0%3Fdistro=trixie
1
url pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-10?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.56%252Bdfsg-10%3Fdistro=trixie
2
url pkg:deb/debian/stunnel4@3:5.68-2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.68-2%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.68-2%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/stunnel4@3:5.74-2?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.74-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.74-2%3Fdistro=trixie
4
url pkg:deb/debian/stunnel4@3:5.78-2?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.78-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.78-2%3Fdistro=trixie
aliases CVE-2008-2400
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b6a6-yqv3-6fbn
6
url VCID-fdwq-p7ca-v7fw
vulnerability_id VCID-fdwq-p7ca-v7fw
summary stunnel 4.40 and 4.41 might allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2940.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2940.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2940
reference_id
reference_type
scores
0
value 0.15844
scoring_system epss
scoring_elements 0.94865
published_at 2026-06-04T12:55:00Z
1
value 0.15844
scoring_system epss
scoring_elements 0.94874
published_at 2026-06-06T12:55:00Z
2
value 0.15844
scoring_system epss
scoring_elements 0.94875
published_at 2026-06-07T12:55:00Z
3
value 0.15844
scoring_system epss
scoring_elements 0.94876
published_at 2026-06-08T12:55:00Z
4
value 0.15844
scoring_system epss
scoring_elements 0.94881
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2940
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2940
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2940
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=638758
reference_id 638758
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=638758
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=732068
reference_id 732068
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=732068
5
reference_url https://security.gentoo.org/glsa/201202-08
reference_id GLSA-201202-08
reference_type
scores
url https://security.gentoo.org/glsa/201202-08
fixed_packages
0
url pkg:deb/debian/stunnel4@3:4.42-1?distro=trixie
purl pkg:deb/debian/stunnel4@3:4.42-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:4.42-1%3Fdistro=trixie
1
url pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-10?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.56%252Bdfsg-10%3Fdistro=trixie
2
url pkg:deb/debian/stunnel4@3:5.68-2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.68-2%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.68-2%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/stunnel4@3:5.74-2?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.74-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.74-2%3Fdistro=trixie
4
url pkg:deb/debian/stunnel4@3:5.78-2?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.78-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.78-2%3Fdistro=trixie
aliases CVE-2011-2940
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fdwq-p7ca-v7fw
7
url VCID-urbb-n8x2-p3dh
vulnerability_id VCID-urbb-n8x2-p3dh
summary stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1762.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1762.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1762
reference_id
reference_type
scores
0
value 0.0201
scoring_system epss
scoring_elements 0.8402
published_at 2026-06-04T12:55:00Z
1
value 0.0201
scoring_system epss
scoring_elements 0.84043
published_at 2026-06-05T12:55:00Z
2
value 0.0201
scoring_system epss
scoring_elements 0.84046
published_at 2026-06-06T12:55:00Z
3
value 0.0201
scoring_system epss
scoring_elements 0.84041
published_at 2026-06-07T12:55:00Z
4
value 0.0201
scoring_system epss
scoring_elements 0.84032
published_at 2026-06-08T12:55:00Z
5
value 0.0201
scoring_system epss
scoring_elements 0.84045
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1762
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1762
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702267
reference_id 702267
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702267
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=917839
reference_id 917839
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=917839
5
reference_url https://security.gentoo.org/glsa/201402-08
reference_id GLSA-201402-08
reference_type
scores
url https://security.gentoo.org/glsa/201402-08
6
reference_url https://access.redhat.com/errata/RHSA-2013:0714
reference_id RHSA-2013:0714
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0714
fixed_packages
0
url pkg:deb/debian/stunnel4@3:4.53-1.1?distro=trixie
purl pkg:deb/debian/stunnel4@3:4.53-1.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:4.53-1.1%3Fdistro=trixie
1
url pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-10?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.56%252Bdfsg-10%3Fdistro=trixie
2
url pkg:deb/debian/stunnel4@3:5.68-2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.68-2%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.68-2%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/stunnel4@3:5.74-2?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.74-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.74-2%3Fdistro=trixie
4
url pkg:deb/debian/stunnel4@3:5.78-2?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.78-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.78-2%3Fdistro=trixie
aliases CVE-2013-1762
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-urbb-n8x2-p3dh
8
url VCID-z7ec-9s3a-m3bb
vulnerability_id VCID-z7ec-9s3a-m3bb
summary Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0740.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0740.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0740
reference_id
reference_type
scores
0
value 0.00116
scoring_system epss
scoring_elements 0.29905
published_at 2026-06-04T12:55:00Z
1
value 0.00116
scoring_system epss
scoring_elements 0.29973
published_at 2026-06-05T12:55:00Z
2
value 0.00116
scoring_system epss
scoring_elements 0.29935
published_at 2026-06-06T12:55:00Z
3
value 0.00116
scoring_system epss
scoring_elements 0.29904
published_at 2026-06-07T12:55:00Z
4
value 0.00116
scoring_system epss
scoring_elements 0.29877
published_at 2026-06-08T12:55:00Z
5
value 0.00116
scoring_system epss
scoring_elements 0.2989
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0740
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0740
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617077
reference_id 1617077
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617077
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278942
reference_id 278942
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278942
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/91.c
reference_id OSVDB-6451;CVE-2003-0740
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/91.c
6
reference_url https://access.redhat.com/errata/RHSA-2003:296
reference_id RHSA-2003:296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:296
7
reference_url https://access.redhat.com/errata/RHSA-2003:297
reference_id RHSA-2003:297
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:297
fixed_packages
0
url pkg:deb/debian/stunnel4@2:4.04?distro=trixie
purl pkg:deb/debian/stunnel4@2:4.04?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@2:4.04%3Fdistro=trixie
1
url pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-10?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.56%2Bdfsg-10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.56%252Bdfsg-10%3Fdistro=trixie
2
url pkg:deb/debian/stunnel4@3:5.68-2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.68-2%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.68-2%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/stunnel4@3:5.74-2?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.74-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.74-2%3Fdistro=trixie
4
url pkg:deb/debian/stunnel4@3:5.78-2?distro=trixie
purl pkg:deb/debian/stunnel4@3:5.78-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.78-2%3Fdistro=trixie
aliases CVE-2003-0740
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z7ec-9s3a-m3bb
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/stunnel4@3:5.78-2%3Fdistro=trixie