{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","type":"deb","namespace":"debian","name":"wolfssl","version":"5.9.1-0.1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61375?format=json","vulnerability_id":"VCID-14yd-vsj7-e3bv","summary":"The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3566.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3566.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3566","reference_id":"","reference_type":"","scores":[{"value":"0.93538","scoring_system":"epss","scoring_elements":"0.99838","published_at":"2026-06-09T12:55:00Z"},{"value":"0.93538","scoring_system":"epss","scoring_elements":"0.99837","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3566"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html","reference_id":"0101.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"},{"reference_url":"https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7","reference_id":"1015-security-advisory-7","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7"},{"reference_url":"http://www.securitytracker.com/id/1031029","reference_id":"1031029","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031029"},{"reference_url":"http://www.securitytracker.com/id/1031039","reference_id":"1031039","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031039"},{"reference_url":"http://www.securitytracker.com/id/1031085","reference_id":"1031085","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031085"},{"reference_url":"http://www.securitytracker.com/id/1031086","reference_id":"1031086","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031086"},{"reference_url":"http://www.securitytracker.com/id/1031087","reference_id":"1031087","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031087"},{"reference_url":"http://www.securitytracker.com/id/1031088","reference_id":"1031088","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031088"},{"reference_url":"http://www.securitytracker.com/id/1031089","reference_id":"1031089","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031089"},{"reference_url":"http://www.securitytracker.com/id/1031090","reference_id":"1031090","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031090"},{"reference_url":"http://www.securitytracker.com/id/1031091","reference_id":"1031091","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031091"},{"reference_url":"http://www.securitytracker.com/id/1031092","reference_id":"1031092","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031092"},{"reference_url":"http://www.securitytracker.com/id/1031093","reference_id":"1031093","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031093"},{"reference_url":"http://www.securitytracker.com/id/1031094","reference_id":"1031094","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031094"},{"reference_url":"http://www.securitytracker.com/id/1031095","reference_id":"1031095","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031095"},{"reference_url":"http://www.securitytracker.com/id/1031096","reference_id":"1031096","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031096"},{"reference_url":"http://www.securitytracker.com/id/1031105","reference_id":"1031105","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031105"},{"reference_url":"http://www.securitytracker.com/id/1031106","reference_id":"1031106","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031106"},{"reference_url":"http://www.securitytracker.com/id/1031107","reference_id":"1031107","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031107"},{"reference_url":"http://www.securitytracker.com/id/1031120","reference_id":"1031120","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031120"},{"reference_url":"http://www.securitytracker.com/id/1031123","reference_id":"1031123","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031123"},{"reference_url":"http://www.securitytracker.com/id/1031124","reference_id":"1031124","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031124"},{"reference_url":"http://www.securitytracker.com/id/1031130","reference_id":"1031130","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031130"},{"reference_url":"http://www.securitytracker.com/id/1031131","reference_id":"1031131","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031131"},{"reference_url":"http://www.securitytracker.com/id/1031132","reference_id":"1031132","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031132"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1152789","reference_id":"1152789","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1152789"},{"reference_url":"https://access.redhat.com/articles/1232123","reference_id":"1232123","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://access.redhat.com/articles/1232123"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html","reference_id":"141114.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html","reference_id":"141158.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html","reference_id":"142330.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html","reference_id":"169361.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html","reference_id":"169374.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html"},{"reference_url":"https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html","reference_id":"2014-10-14-how-poodle-happened.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html"},{"reference_url":"https://technet.microsoft.com/library/security/3009008.aspx","reference_id":"3009008.aspx","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://technet.microsoft.com/library/security/3009008.aspx"},{"reference_url":"http://www.securityfocus.com/archive/1/533746","reference_id":"533746","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securityfocus.com/archive/1/533746"},{"reference_url":"http://www.securityfocus.com/archive/1/533747","reference_id":"533747","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securityfocus.com/archive/1/533747"},{"reference_url":"http://www.kb.cert.org/vuls/id/577193","reference_id":"577193","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.kb.cert.org/vuls/id/577193"},{"reference_url":"http://secunia.com/advisories/59627","reference_id":"59627","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/59627"},{"reference_url":"http://secunia.com/advisories/60056","reference_id":"60056","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/60056"},{"reference_url":"http://secunia.com/advisories/60206","reference_id":"60206","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/60206"},{"reference_url":"http://secunia.com/advisories/60792","reference_id":"60792","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/60792"},{"reference_url":"http://secunia.com/advisories/60859","reference_id":"60859","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/60859"},{"reference_url":"http://secunia.com/advisories/61019","reference_id":"61019","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61019"},{"reference_url":"http://secunia.com/advisories/61130","reference_id":"61130","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61130"},{"reference_url":"http://secunia.com/advisories/61303","reference_id":"61303","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61303"},{"reference_url":"http://secunia.com/advisories/61316","reference_id":"61316","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61316"},{"reference_url":"http://secunia.com/advisories/61345","reference_id":"61345","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61345"},{"reference_url":"http://secunia.com/advisories/61359","reference_id":"61359","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61359"},{"reference_url":"http://secunia.com/advisories/61782","reference_id":"61782","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61782"},{"reference_url":"http://secunia.com/advisories/61810","reference_id":"61810","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61810"},{"reference_url":"http://secunia.com/advisories/61819","reference_id":"61819","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61819"},{"reference_url":"http://secunia.com/advisories/61825","reference_id":"61825","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61825"},{"reference_url":"http://secunia.com/advisories/61827","reference_id":"61827","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61827"},{"reference_url":"http://secunia.com/advisories/61926","reference_id":"61926","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61926"},{"reference_url":"http://secunia.com/advisories/61995","reference_id":"61995","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61995"},{"reference_url":"http://www.securityfocus.com/bid/70574","reference_id":"70574","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securityfocus.com/bid/70574"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765539","reference_id":"765539","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765539"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765702","reference_id":"765702","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765702"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768164","reference_id":"768164","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768164"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769904","reference_id":"769904","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769904"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771359","reference_id":"771359","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771359"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:203","reference_id":"advisories?name=MDVSA-2014:203","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:203"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:062","reference_id":"advisories?name=MDVSA-2015:062","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"},{"reference_url":"http://downloads.asterisk.org/pub/security/AST-2014-011.html","reference_id":"AST-2014-011.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://downloads.asterisk.org/pub/security/AST-2014-011.html"},{"reference_url":"http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html","reference_id":"attack-of-week-poodle.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html"},{"reference_url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle","reference_id":"cisco-sa-20141015-poodle","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle"},{"reference_url":"http://support.citrix.com/article/CTX200238","reference_id":"CTX200238","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://support.citrix.com/article/CTX200238"},{"reference_url":"https://support.citrix.com/article/CTX216642","reference_id":"CTX216642","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://support.citrix.com/article/CTX216642"},{"reference_url":"http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html","reference_id":"CVE-2014-3566.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html"},{"reference_url":"https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip","reference_id":"cve-2014-3566-removing-sslv3-from-big-ip","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip"},{"reference_url":"http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581","reference_id":"display?docId=emr_na-c04583581","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"},{"reference_url":"http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034","reference_id":"display?docId=emr_na-c04779034","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635","reference_id":"docDisplay?docId=emr_na-c04819635","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681","reference_id":"docDisplay?docId=emr_na-c05068681","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667","reference_id":"docDisplay?docId=emr_na-c05157667","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946","reference_id":"docDisplay?docId=emr_na-c05301946","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"},{"reference_url":"https://www.suse.com/support/kb/doc.php?id=7015773","reference_id":"doc.php?id=7015773","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://www.suse.com/support/kb/doc.php?id=7015773"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431","reference_id":"docview.wss?uid=isg3T1021431","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439","reference_id":"docview.wss?uid=isg3T1021439","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21686997","reference_id":"docview.wss?uid=swg21686997","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21686997"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21687172","reference_id":"docview.wss?uid=swg21687172","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21687172"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21687611","reference_id":"docview.wss?uid=swg21687611","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21687611"},{"reference_url":"https://www-01.ibm.com/support/docview.wss?uid=swg21688165","reference_id":"docview.wss?uid=swg21688165","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://www-01.ibm.com/support/docview.wss?uid=swg21688165"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21688283","reference_id":"docview.wss?uid=swg21688283","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21688283"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21692299","reference_id":"docview.wss?uid=swg21692299","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21692299"},{"reference_url":"http://www.debian.org/security/2014/dsa-3053","reference_id":"dsa-3053","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.debian.org/security/2014/dsa-3053"},{"reference_url":"http://www.debian.org/security/2015/dsa-3144","reference_id":"dsa-3144","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.debian.org/security/2015/dsa-3144"},{"reference_url":"http://www.debian.org/security/2015/dsa-3147","reference_id":"dsa-3147","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.debian.org/security/2015/dsa-3147"},{"reference_url":"http://www.debian.org/security/2016/dsa-3489","reference_id":"dsa-3489","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.debian.org/security/2016/dsa-3489"},{"reference_url":"https://security.gentoo.org/glsa/201411-10","reference_id":"GLSA-201411-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-10"},{"reference_url":"https://security.gentoo.org/glsa/201507-14","reference_id":"GLSA-201507-14","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://security.gentoo.org/glsa/201507-14"},{"reference_url":"https://security.gentoo.org/glsa/201606-11","reference_id":"GLSA-201606-11","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://security.gentoo.org/glsa/201606-11"},{"reference_url":"http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566","reference_id":"how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566"},{"reference_url":"http://support.apple.com/HT204244","reference_id":"HT204244","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://support.apple.com/HT204244"},{"reference_url":"https://support.apple.com/kb/HT6527","reference_id":"HT6527","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://support.apple.com/kb/HT6527"},{"reference_url":"https://support.apple.com/kb/HT6529","reference_id":"HT6529","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://support.apple.com/kb/HT6529"},{"reference_url":"https://support.apple.com/kb/HT6531","reference_id":"HT6531","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://support.apple.com/kb/HT6531"},{"reference_url":"https://support.apple.com/kb/HT6535","reference_id":"HT6535","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://support.apple.com/kb/HT6535"},{"reference_url":"https://support.apple.com/kb/HT6541","reference_id":"HT6541","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://support.apple.com/kb/HT6541"},{"reference_url":"https://support.apple.com/kb/HT6542","reference_id":"HT6542","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://support.apple.com/kb/HT6542"},{"reference_url":"http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm","reference_id":"hw-405500.htm","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm"},{"reference_url":"https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02","reference_id":"ICSMA-18-058-02","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"},{"reference_url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705","reference_id":"index?page=content&id=JSA10705","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10090","reference_id":"index?page=content&id=SB10090","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10090"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10091","reference_id":"index?page=content&id=SB10091","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10091"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10104","reference_id":"index?page=content&id=SB10104","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10104"},{"reference_url":"http://marc.info/?l=bugtraq&m=141450452204552&w=2","reference_id":"?l=bugtraq&m=141450452204552&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141450452204552&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141450973807288&w=2","reference_id":"?l=bugtraq&m=141450973807288&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141450973807288&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141477196830952&w=2","reference_id":"?l=bugtraq&m=141477196830952&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141477196830952&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141576815022399&w=2","reference_id":"?l=bugtraq&m=141576815022399&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141576815022399&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141577087123040&w=2","reference_id":"?l=bugtraq&m=141577087123040&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141577087123040&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141577350823734&w=2","reference_id":"?l=bugtraq&m=141577350823734&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141577350823734&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141620103726640&w=2","reference_id":"?l=bugtraq&m=141620103726640&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141620103726640&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141628688425177&w=2","reference_id":"?l=bugtraq&m=141628688425177&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141628688425177&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141694355519663&w=2","reference_id":"?l=bugtraq&m=141694355519663&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141694355519663&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141697638231025&w=2","reference_id":"?l=bugtraq&m=141697638231025&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141697638231025&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141697676231104&w=2","reference_id":"?l=bugtraq&m=141697676231104&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141697676231104&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141703183219781&w=2","reference_id":"?l=bugtraq&m=141703183219781&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141703183219781&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141715130023061&w=2","reference_id":"?l=bugtraq&m=141715130023061&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141715130023061&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141775427104070&w=2","reference_id":"?l=bugtraq&m=141775427104070&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141775427104070&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141813976718456&w=2","reference_id":"?l=bugtraq&m=141813976718456&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141813976718456&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141814011518700&w=2","reference_id":"?l=bugtraq&m=141814011518700&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141814011518700&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141879378918327&w=2","reference_id":"?l=bugtraq&m=141879378918327&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141879378918327&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142103967620673&w=2","reference_id":"?l=bugtraq&m=142103967620673&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142103967620673&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142118135300698&w=2","reference_id":"?l=bugtraq&m=142118135300698&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142118135300698&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142296755107581&w=2","reference_id":"?l=bugtraq&m=142296755107581&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142296755107581&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142350196615714&w=2","reference_id":"?l=bugtraq&m=142350196615714&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142350196615714&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142350298616097&w=2","reference_id":"?l=bugtraq&m=142350298616097&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142350298616097&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142350743917559&w=2","reference_id":"?l=bugtraq&m=142350743917559&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142350743917559&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142354438527235&w=2","reference_id":"?l=bugtraq&m=142354438527235&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142354438527235&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142357976805598&w=2","reference_id":"?l=bugtraq&m=142357976805598&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142357976805598&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142495837901899&w=2","reference_id":"?l=bugtraq&m=142495837901899&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142495837901899&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142496355704097&w=2","reference_id":"?l=bugtraq&m=142496355704097&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142496355704097&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142546741516006&w=2","reference_id":"?l=bugtraq&m=142546741516006&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142546741516006&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142607790919348&w=2","reference_id":"?l=bugtraq&m=142607790919348&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142607790919348&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624590206005&w=2","reference_id":"?l=bugtraq&m=142624590206005&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142624590206005&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624619906067","reference_id":"?l=bugtraq&m=142624619906067","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142624619906067"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624619906067&w=2","reference_id":"?l=bugtraq&m=142624619906067&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142624619906067&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624679706236&w=2","reference_id":"?l=bugtraq&m=142624679706236&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142624679706236&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624719706349&w=2","reference_id":"?l=bugtraq&m=142624719706349&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142624719706349&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142721830231196&w=2","reference_id":"?l=bugtraq&m=142721830231196&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142721830231196&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142721887231400&w=2","reference_id":"?l=bugtraq&m=142721887231400&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142721887231400&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142740155824959&w=2","reference_id":"?l=bugtraq&m=142740155824959&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142740155824959&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142791032306609&w=2","reference_id":"?l=bugtraq&m=142791032306609&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142791032306609&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142804214608580&w=2","reference_id":"?l=bugtraq&m=142804214608580&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142804214608580&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142805027510172&w=2","reference_id":"?l=bugtraq&m=142805027510172&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142805027510172&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142962817202793&w=2","reference_id":"?l=bugtraq&m=142962817202793&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142962817202793&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143039249603103&w=2","reference_id":"?l=bugtraq&m=143039249603103&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=143039249603103&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143101048219218&w=2","reference_id":"?l=bugtraq&m=143101048219218&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=143101048219218&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143290371927178&w=2","reference_id":"?l=bugtraq&m=143290371927178&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=143290371927178&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143290437727362&w=2","reference_id":"?l=bugtraq&m=143290437727362&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=143290437727362&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143290522027658&w=2","reference_id":"?l=bugtraq&m=143290522027658&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=143290522027658&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143290583027876&w=2","reference_id":"?l=bugtraq&m=143290583027876&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=143290583027876&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143558137709884&w=2","reference_id":"?l=bugtraq&m=143558137709884&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=143558137709884&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143558192010071&w=2","reference_id":"?l=bugtraq&m=143558192010071&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=143558192010071&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143628269912142&w=2","reference_id":"?l=bugtraq&m=143628269912142&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=143628269912142&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144101915224472&w=2","reference_id":"?l=bugtraq&m=144101915224472&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=144101915224472&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144251162130364&w=2","reference_id":"?l=bugtraq&m=144251162130364&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=144251162130364&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144294141001552&w=2","reference_id":"?l=bugtraq&m=144294141001552&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=144294141001552&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=145983526810210&w=2","reference_id":"?l=bugtraq&m=145983526810210&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=145983526810210&w=2"},{"reference_url":"http://marc.info/?l=openssl-dev&m=141333049205629&w=2","reference_id":"?l=openssl-dev&m=141333049205629&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=openssl-dev&m=141333049205629&w=2"},{"reference_url":"http://advisories.mageia.org/MGASA-2014-0416.html","reference_id":"MGASA-2014-0416.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://advisories.mageia.org/MGASA-2014-0416.html"},{"reference_url":"http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf","reference_id":"MOVEitReleaseNotes82.pdf","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html","reference_id":"msg00000.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html","reference_id":"msg00001.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html","reference_id":"msg00001.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html","reference_id":"msg00002.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html","reference_id":"msg00008.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html","reference_id":"msg00021.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html","reference_id":"msg00024.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html","reference_id":"msg00026.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html","reference_id":"msg00027.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html","reference_id":"msg00027.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html","reference_id":"msg00033.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html","reference_id":"msg00036.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html","reference_id":"msg00066.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html"},{"reference_url":"https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6","reference_id":"multiple_vulnerabilities_in_openssl6","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6"},{"reference_url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc","reference_id":"NetBSD-SA2014-015.txt.asc","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc"},{"reference_url":"http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/","reference_id":"node-v0-10-33-stable","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20141015-0001/","reference_id":"ntap-20141015-0001","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://security.netapp.com/advisory/ntap-20141015-0001/"},{"reference_url":"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc","reference_id":"openssl_advisory11.asc","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc"},{"reference_url":"https://support.lenovo.com/product_security/poodle","reference_id":"poodle","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://support.lenovo.com/product_security/poodle"},{"reference_url":"https://support.lenovo.com/us/en/product_security/poodle","reference_id":"poodle","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://support.lenovo.com/us/en/product_security/poodle"},{"reference_url":"https://www.imperialviolet.org/2014/10/14/poodle.html","reference_id":"poodle.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://www.imperialviolet.org/2014/10/14/poodle.html"},{"reference_url":"https://github.com/mpgn/poodle-PoC","reference_id":"poodle-PoC","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://github.com/mpgn/poodle-PoC"},{"reference_url":"https://puppet.com/security/cve/poodle-sslv3-vulnerability","reference_id":"poodle-sslv3-vulnerability","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://puppet.com/security/cve/poodle-sslv3-vulnerability"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1652.html","reference_id":"RHSA-2014-1652.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1652.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1653.html","reference_id":"RHSA-2014-1653.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1653.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1692.html","reference_id":"RHSA-2014-1692.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1692.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1876","reference_id":"RHSA-2014:1876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1876"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1876.html","reference_id":"RHSA-2014-1876.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1876.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1877","reference_id":"RHSA-2014:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1877"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1877.html","reference_id":"RHSA-2014-1877.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1877.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1880","reference_id":"RHSA-2014:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1880"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1880.html","reference_id":"RHSA-2014-1880.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1880.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1881","reference_id":"RHSA-2014:1881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1881"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1881.html","reference_id":"RHSA-2014-1881.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1881.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1882","reference_id":"RHSA-2014:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1882"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1882.html","reference_id":"RHSA-2014-1882.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1882.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1920","reference_id":"RHSA-2014:1920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1920"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1920.html","reference_id":"RHSA-2014-1920.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1920.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1948.html","reference_id":"RHSA-2014-1948.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1948.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0010","reference_id":"RHSA-2015:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0011","reference_id":"RHSA-2015:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0012","reference_id":"RHSA-2015:0012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0067","reference_id":"RHSA-2015:0067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0068","reference_id":"RHSA-2015:0068","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0068"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0068.html","reference_id":"RHSA-2015-0068.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-0068.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0069","reference_id":"RHSA-2015:0069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0079","reference_id":"RHSA-2015:0079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0079"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0079.html","reference_id":"RHSA-2015-0079.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-0079.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0080","reference_id":"RHSA-2015:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0080"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0080.html","reference_id":"RHSA-2015-0080.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-0080.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0085","reference_id":"RHSA-2015:0085","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0085"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0085.html","reference_id":"RHSA-2015-0085.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-0085.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0086","reference_id":"RHSA-2015:0086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0086"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0086.html","reference_id":"RHSA-2015-0086.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-0086.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0264","reference_id":"RHSA-2015:0264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0264"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0264.html","reference_id":"RHSA-2015-0264.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-0264.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html","reference_id":"RHSA-2015-0698.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1545","reference_id":"RHSA-2015:1545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1545"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1545.html","reference_id":"RHSA-2015-1545.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-1545.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1546","reference_id":"RHSA-2015:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1546"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1546.html","reference_id":"RHSA-2015-1546.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-1546.html"},{"reference_url":"https://bto.bluecoat.com/security-advisory/sa83","reference_id":"sa83","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://bto.bluecoat.com/security-advisory/sa83"},{"reference_url":"https://www.openssl.org/news/secadv_20141015.txt","reference_id":"secadv_20141015.txt","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://www.openssl.org/news/secadv_20141015.txt"},{"reference_url":"http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx","reference_id":"security-advisory-3009008-released.aspx","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1076983","reference_id":"show_bug.cgi?id=1076983","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1076983"},{"reference_url":"https://www.openssl.org/~bodo/ssl-poodle.pdf","reference_id":"ssl-poodle.pdf","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://www.openssl.org/~bodo/ssl-poodle.pdf"},{"reference_url":"http://www.us-cert.gov/ncas/alerts/TA14-290A","reference_id":"TA14-290A","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.us-cert.gov/ncas/alerts/TA14-290A"},{"reference_url":"https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/","reference_id":"the-poodle-attack-and-the-end-of-ssl-3-0","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/"},{"reference_url":"http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html","reference_id":"this-poodle-bites-exploiting-ssl-30.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html"},{"reference_url":"http://www.securityfocus.com/archive/1/533724/100/0/threaded","reference_id":"threaded","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securityfocus.com/archive/1/533724/100/0/threaded"},{"reference_url":"https://usn.ubuntu.com/2486-1/","reference_id":"USN-2486-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2486-1/"},{"reference_url":"http://www.ubuntu.com/usn/USN-2486-1","reference_id":"USN-2486-1","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.ubuntu.com/usn/USN-2486-1"},{"reference_url":"https://usn.ubuntu.com/2487-1/","reference_id":"USN-2487-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2487-1/"},{"reference_url":"http://www.ubuntu.com/usn/USN-2487-1","reference_id":"USN-2487-1","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.ubuntu.com/usn/USN-2487-1"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2015-0003.html","reference_id":"VMSA-2015-0003.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.vmware.com/security/advisories/VMSA-2015-0003.html"},{"reference_url":"http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0","reference_id":"Vulnerabilities-resolved-in-TRITON-APX-Version-8-0","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135149?format=json","purl":"pkg:deb/debian/wolfssl@3.4.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.4.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2014-3566"],"risk_score":6.2,"exploitability":"2.0","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-14yd-vsj7-e3bv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52907?format=json","vulnerability_id":"VCID-1bh8-jyua-7bfe","summary":"Cryptographic Issues\nAn issue was discovered in the DTLS handshake implementation in wolfSSL. Clear DTLS application_data messages in epoch 0 do not produce an out-of-order error. Instead, these messages are returned to the application.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24585","reference_id":"","reference_type":"","scores":[{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46887","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46953","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46956","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46937","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46908","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46918","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24585"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24585","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24585"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969663","reference_id":"969663","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969663"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24585","reference_id":"CVE-2020-24585","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24585"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135180?format=json","purl":"pkg:deb/debian/wolfssl@4.5.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.5.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2020-24585"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1bh8-jyua-7bfe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105517?format=json","vulnerability_id":"VCID-1e4q-9ndy-1fdw","summary":"Out-of-bounds read in ALPN parsing due to incomplete validation. wolfSSL 5.8.4 and earlier contained an out-of-bounds read in ALPN handling when built with ALPN enabled (HAVE_ALPN / --enable-alpn). A crafted ALPN protocol list could trigger an out-of-bounds read, leading to a potential process crash (denial of service). Note that ALPN is disabled by default, but is enabled for these 3rd party compatibility features: enable-apachehttpd, enable-bind, enable-curl, enable-haproxy, enable-hitch, enable-lighty, enable-jni, enable-nginx, enable-quic.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3547","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16846","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16841","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16804","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16723","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3547"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9859","reference_id":"9859","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-21T03:33:12Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9859"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135213?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-3547"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1e4q-9ndy-1fdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105509?format=json","vulnerability_id":"VCID-1hna-zq78-ckfr","summary":"In wolfSSL release 5.8.2 blinding support is turned on by default for Curve25519 in applicable builds. The blinding configure option is only for the base C implementation of Curve25519. It is not needed, or available with; ARM assembly builds, Intel assembly builds, and the small Curve25519 feature. While the side-channel attack on extracting a private key would be very difficult to execute in practice, enabling blinding provides an additional layer of protection for devices that may be more susceptible to physical access or side-channel observation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7396","reference_id":"","reference_type":"","scores":[{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28281","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28231","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28189","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28147","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7396"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-582-july-17-2025","reference_id":"ChangeLog.md#wolfssl-release-582-july-17-2025","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:P/AC:H/AT:P/PR:L/UI:A/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-21T15:04:36Z/"}],"url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-582-july-17-2025"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135158?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2025-7396"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1hna-zq78-ckfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105525?format=json","vulnerability_id":"VCID-1mgs-hqst-n7dc","summary":"Two potential heap out-of-bounds write locations existed in DecodeObjectId() in wolfcrypt/src/asn.c. First, a bounds check only validates one available slot before writing two OID arc values (out[0] and out[1]), enabling a 2-byte out-of-bounds write when outSz equals 1. Second, multiple callers pass sizeof(decOid) (64 bytes on 64-bit platforms) instead of the element count MAX_OID_SZ (32), causing the function to accept crafted OIDs with 33 or more arcs that write past the end of the allocated buffer.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5187","reference_id":"","reference_type":"","scores":[{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17461","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17455","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.1742","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.1734","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5187"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5187","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5187"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"},{"reference_url":"https://github.com/wolfSSL/wolfssl","reference_id":"wolfssl","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T14:03:11Z/"}],"url":"https://github.com/wolfSSL/wolfssl"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5187"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1mgs-hqst-n7dc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105530?format=json","vulnerability_id":"VCID-1mu1-swnx-ekdw","summary":"Heap out-of-bounds read in PKCS7 parsing. A crafted PKCS7 message can trigger an OOB read on the heap. The missing bounds check is in the indefinite-length end-of-content verification loop in PKCS7_VerifySignedData().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5392","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03159","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03167","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03115","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03097","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5392"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5392","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5392"},{"reference_url":"https://github.com/wolfssl/wolfssl/pull/10039","reference_id":"10039","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T14:08:38Z/"}],"url":"https://github.com/wolfssl/wolfssl/pull/10039"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5392"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1mu1-swnx-ekdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105527?format=json","vulnerability_id":"VCID-1v87-8qdx-jkd3","summary":"URI nameConstraints from constrained intermediate CAs are parsed but not enforced during certificate chain verification in wolfcrypt/src/asn.c. A compromised or malicious sub-CA could issue leaf certificates with URI SAN entries that violate the nameConstraints of the issuing CA, and wolfSSL would accept them as valid.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5263","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06768","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06772","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0676","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06718","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5263"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5263","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5263"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/10048","reference_id":"10048","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:08:58Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/10048"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5263"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1v87-8qdx-jkd3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62920?format=json","vulnerability_id":"VCID-1y2r-x2bn-eqfx","summary":"wolfSSL: wolfSSL: Heap buffer overflow via AuthorityKeyIdentifier size confusion","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5447.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5447.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5447","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10632","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10618","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10533","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10656","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5447"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/10112","reference_id":"10112","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:07:18Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/10112"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457074","reference_id":"2457074","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457074"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5447"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1y2r-x2bn-eqfx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105488?format=json","vulnerability_id":"VCID-21yh-r4wn-vycj","summary":"Generating the ECDSA nonce k samples a random number r and then  truncates this randomness with a modular reduction mod n where n is the  order of the elliptic curve. Meaning k = r mod n. The division used  during the reduction estimates a factor q_e by dividing the upper two  digits (a digit having e.g. a size of 8 byte) of r by the upper digit of  n and then decrements q_e in a loop until it has the correct size.  Observing the number of times q_e is decremented through a control-flow  revealing side-channel reveals a bias in the most significant bits of  k. Depending on the curve this is either a negligible bias or a  significant bias large enough to reconstruct k with lattice reduction  methods. For SECP160R1, e.g., we find a bias of 15 bits.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1544","reference_id":"","reference_type":"","scores":[{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35725","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35778","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35788","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35748","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35709","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1544"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081789","reference_id":"1081789","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081789"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/7020","reference_id":"7020","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-27T19:14:00Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/7020"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable","reference_id":"v5.7.2-stable","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-27T19:14:00Z/"}],"url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135192?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2024-1544"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-21yh-r4wn-vycj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105490?format=json","vulnerability_id":"VCID-27g9-3n95-kkbt","summary":"Fault Injection vulnerability in wc_ed25519_sign_msg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the ed25519_key structure.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2881","reference_id":"","reference_type":"","scores":[{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61829","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61838","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61827","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61812","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2881"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2881","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2881"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable","reference_id":"v5.7.0-stable","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-30T14:18:26Z/"}],"url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135191?format=json","purl":"pkg:deb/debian/wolfssl@5.7.0-0.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.0-0.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2024-2881"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-27g9-3n95-kkbt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105533?format=json","vulnerability_id":"VCID-2mxe-zjgz-eya1","summary":"X.509 date buffer overflow in wolfSSL_X509_notAfter / wolfSSL_X509_notBefore. A buffer overflow may occur when parsing date fields from a crafted X.509 certificate via the compatibility layer API. This is only triggered when calling these two APIs directly from an application, and does not affect TLS or certificate verify operations in wolfSSL.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5448","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05351","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05333","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05327","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05288","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5448"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5448","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5448"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/10071","reference_id":"10071","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T13:51:49Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/10071"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5448"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2mxe-zjgz-eya1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105484?format=json","vulnerability_id":"VCID-3c4f-5bsw-4fdb","summary":"In wolfSSL prior to 5.6.6, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS client or network attacker can trigger a buffer over-read on the heap of 5 bytes (WOLFSSL_CALLBACKS is only intended for debugging).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6936","reference_id":"","reference_type":"","scores":[{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50995","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.51023","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.51029","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.51008","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50978","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6936"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6936","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6936"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059357","reference_id":"1059357","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059357"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/6949/","reference_id":"6949","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-27T14:22:41Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/6949/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135190?format=json","purl":"pkg:deb/debian/wolfssl@5.6.6-1.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.6.6-1.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2023-6936"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3c4f-5bsw-4fdb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105542?format=json","vulnerability_id":"VCID-3qw3-uf66-9fgh","summary":"When restoring a session from cache, a pointer from the serialized session data is used in a free operation without validation. An attacker who can poison the session cache could trigger an arbitrary free. Exploitation requires the ability to inject a crafted session into the cache and for the application to call specific session restore APIs.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5507","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03929","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03927","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03914","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03893","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5507"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/10088","reference_id":"10088","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T14:38:30Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/10088"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5507"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3qw3-uf66-9fgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105443?format=json","vulnerability_id":"VCID-3wb8-xy89-bkbj","summary":"CyaSSL does not check the key usage extension in leaf certificates, which allows remote attackers to spoof servers via a crafted server certificate not authorized for use in an SSL/TLS handshake.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2903","reference_id":"","reference_type":"","scores":[{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43868","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43938","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43946","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43921","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43886","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43896","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2903"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2903","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2903"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792646","reference_id":"792646","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792646"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135149?format=json","purl":"pkg:deb/debian/wolfssl@3.4.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.4.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2014-2903"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3wb8-xy89-bkbj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105544?format=json","vulnerability_id":"VCID-4ew4-thck-5uhw","summary":"Integer underflow in wolfSSL packet sniffer <= 5.9.0 allows an attacker to cause a program crash in the AEAD decryption path by injecting a TLS record shorter than the explicit IV plus authentication tag into traffic inspected by ssl_DecodePacket. The underflow wraps a 16-bit length to a large value that is passed to AEAD decryption routines, causing a large out-of-bounds read and crash. An unauthenticated attacker can trigger this remotely via malformed TLS Application Data records.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5778","reference_id":"","reference_type":"","scores":[{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16178","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16169","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16124","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16038","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5778"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/10125","reference_id":"10125","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T13:53:21Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/10125"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5778"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ew4-thck-5uhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105510?format=json","vulnerability_id":"VCID-4wdg-hnpa-53da","summary":"A stack buffer overflow vulnerability exists in wolfSSL's PKCS7 SignedData encoding functionality. In wc_PKCS7_BuildSignedAttributes(), when adding custom signed attributes, the code passes an incorrect capacity value (esd->signedAttribsCount) to EncodeAttributes() instead of the remaining available space in the fixed-size signedAttribs[7] array. When an application sets pkcs7->signedAttribsSz to a value greater than MAX_SIGNED_ATTRIBS_SZ (default 7) minus the number of default attributes already added, EncodeAttributes() writes beyond the array bounds, causing stack memory corruption. In WOLFSSL_SMALL_STACK builds, this becomes heap corruption. Exploitation requires an application that allows untrusted input to control the signedAttribs array size when calling wc_PKCS7_EncodeSignedData() or related signing functions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0819","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0609","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06077","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06074","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06027","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0819"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9630","reference_id":"9630","reference_type":"","scores":[{"value":"2.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-19T17:19:26Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9630"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135213?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-0819"],"risk_score":1.0,"exploitability":"0.5","weighted_severity":"2.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4wdg-hnpa-53da"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105531?format=json","vulnerability_id":"VCID-4z69-5qtt-4yc2","summary":"Dual-Algorithm CertificateVerify out-of-bounds read. When processing a dual-algorithm CertificateVerify message, an out-of-bounds read can occur on crafted input. This can only occur when --enable-experimental and --enable-dual-alg-certs is used when building wolfSSL.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5393","reference_id":"","reference_type":"","scores":[{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16406","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16404","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.1636","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16279","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5393"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5393","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5393"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/10079","reference_id":"10079","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T15:02:50Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/10079"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5393"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4z69-5qtt-4yc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54013?format=json","vulnerability_id":"VCID-58hd-b1vd-4bh7","summary":"Improper Certificate Validation\n`DoTls13CertificateVerify` in `tls13.c` in wolfSSL does not cease processing for certain anomalous peer behavior (sending an ED22519, ED448, ECC, or RSA signature without the corresponding certificate).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3336","reference_id":"","reference_type":"","scores":[{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39567","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39654","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39657","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.3963","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39602","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39618","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3336"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3336","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3336"},{"reference_url":"https://www.wolfssl.com/docs/security-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"https://www.wolfssl.com/docs/security-vulnerabilities"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3336","reference_id":"CVE-2021-3336","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3336"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135182?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2021-3336"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-58hd-b1vd-4bh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105439?format=json","vulnerability_id":"VCID-5cqn-3888-afed","summary":"wolfssl before 3.2.0 does not properly issue certificates for a server's hostname.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2901","reference_id":"","reference_type":"","scores":[{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32057","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32129","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32098","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.3206","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32028","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32051","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2901"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792646","reference_id":"792646","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792646"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135149?format=json","purl":"pkg:deb/debian/wolfssl@3.4.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.4.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2014-2901"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5cqn-3888-afed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105513?format=json","vulnerability_id":"VCID-5cxz-5fy8-t7at","summary":"A heap-buffer-overflow vulnerability exists in wolfSSL's wolfSSL_d2i_SSL_SESSION() function. When deserializing session data with SESSION_CERTS enabled, certificate and session id lengths are read from an untrusted input without bounds validation, allowing an attacker to overflow fixed-size buffers and corrupt heap memory. A maliciously crafted session would need to be loaded from an external source to trigger this vulnerability. Internal sessions were not vulnerable.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2646","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1219","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12309","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12308","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12273","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2646"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2646","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2646"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9748","reference_id":"9748","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:43:50Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9748"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9949","reference_id":"9949","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:43:50Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9949"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135213?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-2646"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5cxz-5fy8-t7at"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105486?format=json","vulnerability_id":"VCID-5m5d-nsng-3fax","summary":"Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an out of bounds read via sending a malformed packet with the correct length.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0901","reference_id":"","reference_type":"","scores":[{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.54122","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.54126","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.54133","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.54123","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.54099","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0901"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067799","reference_id":"1067799","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067799"},{"reference_url":"https://github.com/wolfSSL/wolfssl/issues/7089","reference_id":"7089","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T18:38:31Z/"}],"url":"https://github.com/wolfSSL/wolfssl/issues/7089"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/7099","reference_id":"7099","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T18:38:31Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/7099"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135191?format=json","purl":"pkg:deb/debian/wolfssl@5.7.0-0.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.0-0.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2024-0901"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5m5d-nsng-3fax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105458?format=json","vulnerability_id":"VCID-5qrr-j1ew-vudw","summary":"wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as \"ROBOT.\"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13099","reference_id":"","reference_type":"","scores":[{"value":"0.76906","scoring_system":"epss","scoring_elements":"0.98976","published_at":"2026-06-04T12:55:00Z"},{"value":"0.76906","scoring_system":"epss","scoring_elements":"0.98978","published_at":"2026-06-08T12:55:00Z"},{"value":"0.76906","scoring_system":"epss","scoring_elements":"0.9898","published_at":"2026-06-06T12:55:00Z"},{"value":"0.76906","scoring_system":"epss","scoring_elements":"0.98979","published_at":"2026-06-07T12:55:00Z"},{"value":"0.76906","scoring_system":"epss","scoring_elements":"0.98977","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13099"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13099","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13099"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884235","reference_id":"884235","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884235"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135166?format=json","purl":"pkg:deb/debian/wolfssl@3.13.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.13.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2017-13099"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5qrr-j1ew-vudw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105461?format=json","vulnerability_id":"VCID-5sd5-1suq-1kf7","summary":"In versions of wolfSSL before 3.10.2 the function fp_mul_comba makes it easier to extract RSA key information for a malicious user who has access to view cache on a machine.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6076","reference_id":"","reference_type":"","scores":[{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35834","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.3593","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35939","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.359","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35858","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35873","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6076"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6076","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6076"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856114","reference_id":"856114","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856114"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135170?format=json","purl":"pkg:deb/debian/wolfssl@3.10.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.10.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2017-6076"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5sd5-1suq-1kf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52906?format=json","vulnerability_id":"VCID-5x5v-6ze5-cuc4","summary":"Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)\nAn issue was discovered in wolfSSL when single precision is not employed. signing with a private key).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15309","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27828","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27895","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27843","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27805","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27755","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27762","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15309"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969663","reference_id":"969663","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969663"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15309","reference_id":"CVE-2020-15309","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15309"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135180?format=json","purl":"pkg:deb/debian/wolfssl@4.5.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.5.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2020-15309"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5x5v-6ze5-cuc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41219?format=json","vulnerability_id":"VCID-629d-xwz6-r3gw","summary":"Information Exposure Through Discrepancy\nIn wolfSSL, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-24116","reference_id":"","reference_type":"","scores":[{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48642","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48703","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48712","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48693","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48664","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48679","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-24116"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24116"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991663","reference_id":"991663","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991663"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-24116","reference_id":"CVE-2021-24116","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-24116"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135181?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2021-24116"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-629d-xwz6-r3gw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105496?format=json","vulnerability_id":"VCID-6kuu-zu9a-5bc8","summary":"The server previously verified the TLS 1.3 PSK binder using a non-constant time method which could potentially leak information about the PSK binder","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11932","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03672","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03641","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0365","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03669","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03665","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11932"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121197","reference_id":"1121197","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121197"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9223","reference_id":"9223","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T16:17:20Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9223"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135196?format=json","purl":"pkg:deb/debian/wolfssl@5.8.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.8.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2025-11932"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6kuu-zu9a-5bc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105478?format=json","vulnerability_id":"VCID-7awz-t7tt-8kcp","summary":"An issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client connects to a wolfSSL server and SSL_clear is called on its session, the server crashes with a segmentation fault. This occurs in the second session, which is created through TLS session resumption and reuses the initial struct WOLFSSL. If the server reuses the previous session structure (struct WOLFSSL) by calling wolfSSL_clear(WOLFSSL* ssl) on it, the next received Client Hello (that resumes the previous session) crashes the server. Note that this bug is only triggered when resuming sessions using TLS session resumption. Only servers that use wolfSSL_clear instead of the recommended SSL_free; SSL_new sequence are affected. Furthermore, wolfSSL_clear is part of wolfSSL's compatibility layer and is not enabled by default. It is not part of wolfSSL's native API.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38152","reference_id":"","reference_type":"","scores":[{"value":"0.01911","scoring_system":"epss","scoring_elements":"0.83629","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01911","scoring_system":"epss","scoring_elements":"0.83653","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01911","scoring_system":"epss","scoring_elements":"0.83654","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01911","scoring_system":"epss","scoring_elements":"0.8365","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01911","scoring_system":"epss","scoring_elements":"0.83643","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01911","scoring_system":"epss","scoring_elements":"0.83657","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38152"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38152","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38152"},{"reference_url":"https://github.com/tlspuffin/tlspuffin","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/tlspuffin/tlspuffin"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/5468","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/pull/5468"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/releases"},{"reference_url":"https://www.wolfssl.com/docs/security-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"https://www.wolfssl.com/docs/security-vulnerabilities/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021021","reference_id":"1021021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021021"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-38152","reference_id":"CVE-2022-38152","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-38152"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135187?format=json","purl":"pkg:deb/debian/wolfssl@5.5.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2022-38152"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7awz-t7tt-8kcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105475?format=json","vulnerability_id":"VCID-7b4d-ecez-bqg9","summary":"examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL through 3.15.7 has a heap-based buffer overflow.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6439","reference_id":"","reference_type":"","scores":[{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78761","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78787","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78795","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78785","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78774","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78792","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6439"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6439","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6439"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135174?format=json","purl":"pkg:deb/debian/wolfssl@4.1.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.1.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2019-6439"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7b4d-ecez-bqg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105470?format=json","vulnerability_id":"VCID-7bhq-zas6-p3ga","summary":"In wolfSSL through 4.1.0, there is a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer over-read in CheckCertSignature_ex in wolfcrypt/src/asn.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16748","reference_id":"","reference_type":"","scores":[{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.6093","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60979","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60986","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60976","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60959","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60975","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16748"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135175?format=json","purl":"pkg:deb/debian/wolfssl@4.2.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.2.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2019-16748"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7bhq-zas6-p3ga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105472?format=json","vulnerability_id":"VCID-7hfd-sjyy-n3de","summary":"In wolfSSL before 4.3.0, wc_ecc_mulmod_ex does not properly resist side-channel attacks.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19960","reference_id":"","reference_type":"","scores":[{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58165","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58214","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58223","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58212","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58197","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19960"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135178?format=json","purl":"pkg:deb/debian/wolfssl@4.3.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.3.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2019-19960"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7hfd-sjyy-n3de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105500?format=json","vulnerability_id":"VCID-7pfp-gtnt-s7ch","summary":"With TLS 1.3 pre-shared key (PSK) a malicious or faulty server could ignore the request for PFS (perfect forward secrecy) and the client would continue on with the connection using PSK without PFS. This happened when a server responded to a ClientHello containing psk_dhe_ke without a key_share extension. The re-use of an authenticated PSK connection that on the clients side unexpectedly did not have PFS, reduces the security of the connection.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11935","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02023","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02047","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02054","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02043","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0203","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11935"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121200","reference_id":"1121200","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121200"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9112","reference_id":"9112","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-25T18:43:57Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9112"},{"reference_url":"https://github.com/wolfSSL/wolfssl","reference_id":"wolfssl","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-25T18:43:57Z/"}],"url":"https://github.com/wolfSSL/wolfssl"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135196?format=json","purl":"pkg:deb/debian/wolfssl@5.8.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.8.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2025-11935"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7pfp-gtnt-s7ch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105493?format=json","vulnerability_id":"VCID-7vfv-t74n-nkc9","summary":"In function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the function X509_check_host() takes in a pointer and length to check against, with no requirements that it be NULL terminated. If a caller was attempting to do a name check on a non-NULL terminated buffer, the code would read beyond the bounds of the input array until it found a NULL terminator.This issue affects wolfSSL: through 5.7.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5991","reference_id":"","reference_type":"","scores":[{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29107","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29039","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29051","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.2914","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29072","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5991"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081788","reference_id":"1081788","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081788"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135192?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2024-5991"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7vfv-t74n-nkc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105491?format=json","vulnerability_id":"VCID-81v7-nqd8-3ufq","summary":"An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSL_CHECK_SIG_FAULTS is used in signing operations with private ECC keys,  such as in server-side TLS connections, the connection is halted if any fault occurs. The success rate in a certain amount of connection requests can be processed via an advanced technique for ECDSA key recovery.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5288","reference_id":"","reference_type":"","scores":[{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25244","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25136","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25147","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.2526","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25194","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5288"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5288","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5288"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081790","reference_id":"1081790","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081790"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable","reference_id":"v5.7.2-stable","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-27T19:22:54Z/"}],"url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135192?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2024-5288"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-81v7-nqd8-3ufq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105503?format=json","vulnerability_id":"VCID-88sp-resj-53g6","summary":"Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of X25519, which is now turned on as the default for Xtensa.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-12888","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03107","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03038","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03003","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03097","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03055","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-12888"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12888","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12888"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121204","reference_id":"1121204","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121204"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135196?format=json","purl":"pkg:deb/debian/wolfssl@5.8.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.8.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2025-12888"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-88sp-resj-53g6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105535?format=json","vulnerability_id":"VCID-8f2q-rfdy-bqh6","summary":"wolfSSL's ECCSI signature verifier `wc_VerifyEccsiHash` decodes the `r` and `s` scalars from the signature blob via `mp_read_unsigned_bin` with no check that they lie in `[1, q-1]`. A crafted forged signature could verify against any message for any identity, using only publicly-known constants.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5466","reference_id":"","reference_type":"","scores":[{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0063","published_at":"2026-06-06T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00628","published_at":"2026-06-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00624","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5466"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5466","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5466"},{"reference_url":"https://github.com/wolfssl/wolfssl/pull/10102","reference_id":"10102","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T13:43:28Z/"}],"url":"https://github.com/wolfssl/wolfssl/pull/10102"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5466"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8f2q-rfdy-bqh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105497?format=json","vulnerability_id":"VCID-8kpr-8yx2-ukak","summary":"Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on multiple platforms allows a remote unauthenticated attacker to potentially cause a denial-of-service via a crafted ClientHello message with duplicate CKS extensions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11933","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19968","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20061","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20056","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20017","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19951","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11933"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11933","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11933"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121198","reference_id":"1121198","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121198"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9132","reference_id":"9132","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T16:20:56Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9132"},{"reference_url":"https://github.com/wolfSSL/wolfssl","reference_id":"wolfssl","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T16:20:56Z/"}],"url":"https://github.com/wolfSSL/wolfssl"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135196?format=json","purl":"pkg:deb/debian/wolfssl@5.8.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.8.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2025-11933"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8kpr-8yx2-ukak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105477?format=json","vulnerability_id":"VCID-95ja-be1w-9fej","summary":"wolfSSL before 5.4.0 allows remote attackers to cause a denial of service via DTLS because a check for return-routability can be skipped.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34293","reference_id":"","reference_type":"","scores":[{"value":"0.00956","scoring_system":"epss","scoring_elements":"0.76785","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00956","scoring_system":"epss","scoring_elements":"0.76818","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00956","scoring_system":"epss","scoring_elements":"0.76825","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00956","scoring_system":"epss","scoring_elements":"0.76815","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00956","scoring_system":"epss","scoring_elements":"0.76804","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00956","scoring_system":"epss","scoring_elements":"0.76826","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34293"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.4.0-stable","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.4.0-stable"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/08/08/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2022/08/08/6"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016981","reference_id":"1016981","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016981"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34293","reference_id":"CVE-2022-34293","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34293"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135187?format=json","purl":"pkg:deb/debian/wolfssl@5.5.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2022-34293"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-95ja-be1w-9fej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105473?format=json","vulnerability_id":"VCID-9fk6-ek9u-hycp","summary":"wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in RSA cryptography.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19962","reference_id":"","reference_type":"","scores":[{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.39885","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.39968","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.39971","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.39944","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.39917","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.39933","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19962"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135178?format=json","purl":"pkg:deb/debian/wolfssl@4.3.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.3.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2019-19962"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9fk6-ek9u-hycp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52916?format=json","vulnerability_id":"VCID-9jkq-wyy3-13c4","summary":"Improper Certificate Validation\nwolfSSL mishandles TLS server data in the `WAIT_CERT_CR` state, within `SanityCheckTls13MsgReceived()` in `tls13.c`. This is an incorrect implementation of the TLS client state machine. This allows attackers in a privileged network position to completely impersonate any TLS servers, and read or modify potentially sensitive information between clients using the wolfSSL library and these TLS servers.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24613","reference_id":"","reference_type":"","scores":[{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49392","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49453","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49464","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49447","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49417","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49429","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24613"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24613","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24613"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969663","reference_id":"969663","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969663"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24613","reference_id":"CVE-2020-24613","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24613"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135180?format=json","purl":"pkg:deb/debian/wolfssl@4.5.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.5.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2020-24613"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9jkq-wyy3-13c4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41239?format=json","vulnerability_id":"VCID-9ksn-gbhq-wfah","summary":"Improper Handling of Exceptional Conditions\nwolfSSL does not produce a failure outcome when the serial number in an OCSP request differs from the serial number in the OCSP response.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37155","reference_id":"","reference_type":"","scores":[{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66906","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66947","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66956","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.6694","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66924","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66941","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37155"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37155","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37155"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991443","reference_id":"991443","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991443"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-37155","reference_id":"CVE-2021-37155","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-37155"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135184?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135183?format=json","purl":"pkg:deb/debian/wolfssl@5.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.0.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2021-37155"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9ksn-gbhq-wfah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52736?format=json","vulnerability_id":"VCID-a432-vjjt-j3ap","summary":"Inadequate Encryption Strength\nThe private-key operations in `ecc.c` in wolfSSL does not use a constant-time modular inverse when mapping to affine coordinates.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11735","reference_id":"","reference_type":"","scores":[{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58165","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58214","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58223","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58212","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58197","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11735"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11735","reference_id":"CVE-2020-11735","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11735"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135179?format=json","purl":"pkg:deb/debian/wolfssl@4.4.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.4.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2020-11735"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a432-vjjt-j3ap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105452?format=json","vulnerability_id":"VCID-b1u9-gy89-tyhy","summary":"wolfSSL (formerly CyaSSL) before 3.6.8 allows remote attackers to cause a denial of service (resource consumption or traffic amplification) via a crafted DTLS cookie in a ClientHello message.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-6925","reference_id":"","reference_type":"","scores":[{"value":"0.00895","scoring_system":"epss","scoring_elements":"0.75979","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00895","scoring_system":"epss","scoring_elements":"0.76005","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00895","scoring_system":"epss","scoring_elements":"0.75997","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00895","scoring_system":"epss","scoring_elements":"0.75983","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00895","scoring_system":"epss","scoring_elements":"0.76008","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-6925"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6925","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6925"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801120","reference_id":"801120","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801120"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135161?format=json","purl":"pkg:deb/debian/wolfssl@3.9.10%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.9.10%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2015-6925"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b1u9-gy89-tyhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105541?format=json","vulnerability_id":"VCID-b235-3xdn-xfbj","summary":"A padding oracle exists in wolfSSL's PKCS7 CBC decryption that could allow an attacker to recover plaintext through repeated decryption queries with modified ciphertext. In previous versions of wolfSSL the interior padding bytes are not validated.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5504","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05083","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05067","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05059","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05019","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5504"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/10088","reference_id":"10088","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T14:33:56Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/10088"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5504"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b235-3xdn-xfbj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105483?format=json","vulnerability_id":"VCID-b83f-cerf-w3dj","summary":"wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, new variation of a timing Bleichenbacher style attack, when built with the following options to configure:  --enable-all CFLAGS=\"-DWOLFSSL_STATIC_RSA\"  The define “WOLFSSL_STATIC_RSA” enables static RSA cipher suites, which is not recommended, and has been disabled by default since wolfSSL 3.6.6.  Therefore the default build since 3.6.6, even with \"--enable-all\", is not vulnerable to the Marvin Attack. The vulnerability is specific to static RSA cipher suites, and expected to be padding-independent.  The vulnerability allows an attacker to decrypt ciphertexts and forge signatures after probing with a large number of test observations. However the server’s private key is not exposed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6935","reference_id":"","reference_type":"","scores":[{"value":"0.00315","scoring_system":"epss","scoring_elements":"0.54954","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00315","scoring_system":"epss","scoring_elements":"0.54952","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00315","scoring_system":"epss","scoring_elements":"0.54962","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00315","scoring_system":"epss","scoring_elements":"0.54933","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6935"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059357","reference_id":"1059357","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059357"},{"reference_url":"https://people.redhat.com/~hkario/marvin/","reference_id":"marvin","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-12T12:48:11Z/"}],"url":"https://people.redhat.com/~hkario/marvin/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135190?format=json","purl":"pkg:deb/debian/wolfssl@5.6.6-1.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.6.6-1.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2023-6935"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b83f-cerf-w3dj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105540?format=json","vulnerability_id":"VCID-b8fe-hp5x-dbca","summary":"In TLSX_EchChangeSNI, the ctx->extensions branch set extensions unconditionally even when TLSX_Find returned NULL. This caused TLSX_UseSNI to attach the attacker-controlled publicName to the shared WOLFSSL_CTX when no inner SNI was configured. TLSX_EchRestoreSNI then failed to clean it up because its removal was gated on serverNameX != NULL. The inner ClientHello was sized before the pollution but written after it, causing TLSX_SNI_Write to memcpy 255 bytes past the allocation boundary.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5503","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.17036","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.17031","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16996","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16913","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5503"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/10102","reference_id":"10102","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T17:58:43Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/10102"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5503"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b8fe-hp5x-dbca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105463?format=json","vulnerability_id":"VCID-brkz-b8xk-vffh","summary":"wolfSSL before 3.11.0 does not prevent wc_DhAgree from accepting a malformed DH key.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8855","reference_id":"","reference_type":"","scores":[{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55339","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55395","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.554","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55389","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55369","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55388","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8855"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870170","reference_id":"870170","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870170"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135167?format=json","purl":"pkg:deb/debian/wolfssl@3.12.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.12.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2017-8855"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-brkz-b8xk-vffh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105462?format=json","vulnerability_id":"VCID-c2mu-ygwu-1fgg","summary":"wolfSSL before 3.10.2 has an out-of-bounds memory access with loading crafted DH parameters, aka a buffer overflow triggered by a malformed temporary DH file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8854","reference_id":"","reference_type":"","scores":[{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.5024","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50301","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50309","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50291","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50261","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.5028","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8854"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135170?format=json","purl":"pkg:deb/debian/wolfssl@3.10.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.10.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2017-8854"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c2mu-ygwu-1fgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42099?format=json","vulnerability_id":"VCID-c3hk-nvb6-7qhm","summary":"Use of Insufficiently Random Values\nwolfSSL uses non-random IV values in certain situations. This affects connections (without AEAD) using AES-CBC or DES3 with TLS or DTLS This occurs because of misplaced memory initialization in BuildMessage in internal.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23408","reference_id":"","reference_type":"","scores":[{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51848","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51907","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51916","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51896","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51864","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51883","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23408"},{"reference_url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-511-jan-3rd-2022","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-511-jan-3rd-2022"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/4710","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/pull/4710"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004181","reference_id":"1004181","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004181"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23408","reference_id":"CVE-2022-23408","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23408"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135158?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135185?format=json","purl":"pkg:deb/debian/wolfssl@5.1.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.1.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2022-23408"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c3hk-nvb6-7qhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41304?format=json","vulnerability_id":"VCID-c77c-44vp-ckdx","summary":"Insufficient Verification of Data Authenticity\nwolfSSL incorrectly skips OCSP verification in certain situations of irrelevant response data that contains the NoCheck extension.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38597","reference_id":"","reference_type":"","scores":[{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39741","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39827","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39831","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39805","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39778","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39795","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38597"},{"reference_url":"https://www.wolfssl.com/docs/wolfssl-changelog/","reference_id":"","reference_type":"","scores":[],"url":"https://www.wolfssl.com/docs/wolfssl-changelog/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992174","reference_id":"992174","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992174"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-38597","reference_id":"CVE-2021-38597","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-38597"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135184?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135183?format=json","purl":"pkg:deb/debian/wolfssl@5.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.0.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2021-38597"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c77c-44vp-ckdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105454?format=json","vulnerability_id":"VCID-cfqm-k2n3-6beq","summary":"The C software implementation of ECC in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7438","reference_id":"","reference_type":"","scores":[{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31858","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31929","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31898","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31859","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31826","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.3185","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7438"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135161?format=json","purl":"pkg:deb/debian/wolfssl@3.9.10%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.9.10%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2016-7438"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cfqm-k2n3-6beq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105447?format=json","vulnerability_id":"VCID-cg1x-mk99-9kez","summary":"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6500.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6491.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6491.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6491","reference_id":"","reference_type":"","scores":[{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84922","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84946","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84951","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84945","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84936","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.8495","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153483","reference_id":"1153483","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153483"},{"reference_url":"https://security.gentoo.org/glsa/201411-02","reference_id":"GLSA-201411-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-02"},{"reference_url":"https://usn.ubuntu.com/2384-1/","reference_id":"USN-2384-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2384-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135158?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2014-6491"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cg1x-mk99-9kez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105466?format=json","vulnerability_id":"VCID-cjja-mhb2-wbas","summary":"wolfSSL 4.0.0 has a Buffer Overflow in DoPreSharedKeys in tls13.c when a current identity size is greater than a client identity size. An attacker sends a crafted hello client packet over the network to a TLSv1.3 wolfSSL server. The length fields of the packet: record length, client hello length, total extensions length, PSK extension length, total identity length, and identity length contain their maximum value which is 2^16. The identity data field of the PSK extension of the packet contains the attack data, to be stored in the undefined memory (RAM) of the server. The size of the data is about 65 kB. Possibly the attacker can perform a remote code execution attack.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11873","reference_id":"","reference_type":"","scores":[{"value":"0.06335","scoring_system":"epss","scoring_elements":"0.9114","published_at":"2026-06-04T12:55:00Z"},{"value":"0.06335","scoring_system":"epss","scoring_elements":"0.91153","published_at":"2026-06-05T12:55:00Z"},{"value":"0.06335","scoring_system":"epss","scoring_elements":"0.91152","published_at":"2026-06-06T12:55:00Z"},{"value":"0.06335","scoring_system":"epss","scoring_elements":"0.9115","published_at":"2026-06-07T12:55:00Z"},{"value":"0.06335","scoring_system":"epss","scoring_elements":"0.91146","published_at":"2026-06-08T12:55:00Z"},{"value":"0.06335","scoring_system":"epss","scoring_elements":"0.91162","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11873"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929468","reference_id":"929468","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929468"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135174?format=json","purl":"pkg:deb/debian/wolfssl@4.1.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.1.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2019-11873"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cjja-mhb2-wbas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105451?format=json","vulnerability_id":"VCID-crqr-nwzb-gfbb","summary":"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6491.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6500.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6500.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6500","reference_id":"","reference_type":"","scores":[{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84922","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84946","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84951","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84945","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84936","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.8495","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153487","reference_id":"1153487","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153487"},{"reference_url":"https://security.gentoo.org/glsa/201411-02","reference_id":"GLSA-201411-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-02"},{"reference_url":"https://usn.ubuntu.com/2384-1/","reference_id":"USN-2384-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2384-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135158?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2014-6500"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-crqr-nwzb-gfbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105469?format=json","vulnerability_id":"VCID-csdd-tnvp-pbbt","summary":"wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCertExtensions in wolfcrypt/src/asn.c because reading the ASN_BOOLEAN byte is mishandled for a crafted DER certificate in GetLength_ex.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15651","reference_id":"","reference_type":"","scores":[{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.4526","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45329","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45333","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45313","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45287","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.453","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15651"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15651"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135176?format=json","purl":"pkg:deb/debian/wolfssl@4.1.0%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.1.0%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2019-15651"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-csdd-tnvp-pbbt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105532?format=json","vulnerability_id":"VCID-cuyv-c1k8-63bm","summary":"In wolfSSL, ARIA-GCM cipher suites used in TLS 1.2 and DTLS 1.2 reuse an identical 12-byte GCM nonce for every application-data record. Because wc_AriaEncrypt is stateless and passes the caller-supplied IV verbatim to the MagicCrypto SDK with no internal counter, and because the explicit IV is zero-initialized at session setup and never incremented in non-FIPS builds. This vulnerability affects wolfSSL builds configured with --enable-aria and the proprietary MagicCrypto SDK (a non-default, opt-in configuration required for Korean regulatory deployments). AES-GCM is not affected because wc_AesGcmEncrypt_ex maintains an internal invocation counter independently of the call-site guard.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5446","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11341","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11333","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.113","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11217","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5446"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5446","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5446"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/10111","reference_id":"10111","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:11:44Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/10111"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5446"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cuyv-c1k8-63bm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105504?format=json","vulnerability_id":"VCID-d7mu-j1u1-9kcn","summary":"With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is supported, rather than those in the CertificateRequest.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-12889","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05493","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05451","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05496","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05511","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05492","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-12889"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12889","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12889"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121205","reference_id":"1121205","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121205"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9395","reference_id":"9395","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T16:15:50Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9395"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135196?format=json","purl":"pkg:deb/debian/wolfssl@5.8.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.8.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2025-12889"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d7mu-j1u1-9kcn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105536?format=json","vulnerability_id":"VCID-daaw-dt6u-pke5","summary":"An integer overflow existed in the wolfCrypt CMAC implementation, that could be exploited to forge CMAC tags. The function wc_CmacUpdate used the guard `if (cmac->totalSz != 0)` to skip XOR-chaining on the first block (where digest is all-zeros and the XOR is a no-op). However, totalSz is word32 and wraps to zero after 2^28 block flushes (4 GiB), causing the guard to erroneously discard the live CBC-MAC chain state. Any two messages sharing a common suffix beyond the 4 GiB mark then produce identical CMAC tags, enabling a zero-work prefix-substitution forgery. The fix removes the guard, making the XOR unconditional; the no-op property on the first block is preserved because digest is zero-initialized by wc_InitCmac_ex.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5477","reference_id":"","reference_type":"","scores":[{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11876","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.1187","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11834","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11753","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5477"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5477","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5477"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/10102","reference_id":"10102","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T14:03:53Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/10102"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5477"],"risk_score":3.7,"exploitability":"0.5","weighted_severity":"7.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-daaw-dt6u-pke5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105539?format=json","vulnerability_id":"VCID-db5m-cek2-dugx","summary":"wolfSSL_X509_verify_cert in the OpenSSL compatibility layer accepts a certificate chain in which the leaf's signature is not checked, if the attacker supplies an untrusted intermediate with Basic Constraints `CA:FALSE` that is legitimately signed by a trusted root. An attacker who obtains any leaf certificate from a trusted CA (e.g. a free DV cert from Let's Encrypt) can forge a certificate for any subject name with any public key and arbitrary signature bytes, and the function returns `WOLFSSL_SUCCESS` / `X509_V_OK`. The native wolfSSL TLS handshake path (`ProcessPeerCerts`) is not susceptible and the issue is limited to applications using the OpenSSL compatibility API directly, which would include integrations of wolfSSL into nginx and haproxy.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5501","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06779","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06783","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06772","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06729","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5501"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5501","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5501"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/10102","reference_id":"10102","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T03:55:48Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/10102"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5501"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-db5m-cek2-dugx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105514?format=json","vulnerability_id":"VCID-ddng-1b35-1uc9","summary":"An integer overflow vulnerability existed in the static function wolfssl_add_to_chain, that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssl_add_to_chain is called by these API: wolfSSL_CTX_add_extra_chain_cert, wolfSSL_CTX_add1_chain_cert, wolfSSL_add0_chain_cert. These API are enabled for 3rd party compatibility features: enable-opensslall, enable-opensslextra, enable-lighty, enable-stunnel, enable-nginx, enable-haproxy. This issue is not remotely exploitable, and would require that the application context loading certificates is compromised.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3229","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04483","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04476","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04465","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0443","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3229","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3229"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9827","reference_id":"9827","reference_type":"","scores":[{"value":"1.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T16:29:39Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9827"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135213?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-3229"],"risk_score":0.6,"exploitability":"0.5","weighted_severity":"1.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ddng-1b35-1uc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52500?format=json","vulnerability_id":"VCID-dta5-8wr3-zbfs","summary":"Use of a Broken or Risky Cryptographic Algorithm\nwolfSSL has mulmod code in `wc_ecc_mulmod_ex` in `ecc.c` that does not properly resist timing side-channel attacks.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11713","reference_id":"","reference_type":"","scores":[{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60596","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60645","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60653","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60641","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60624","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11713"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960190","reference_id":"960190","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960190"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11713","reference_id":"CVE-2020-11713","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11713"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135179?format=json","purl":"pkg:deb/debian/wolfssl@4.4.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.4.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2020-11713"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dta5-8wr3-zbfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105468?format=json","vulnerability_id":"VCID-e4m1-1zta-abaj","summary":"wolfSSL and wolfCrypt 4.1.0 and earlier (formerly known as CyaSSL) generate biased DSA nonces. This allows a remote attacker to compute the long term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bits of the generated nonces.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14317","reference_id":"","reference_type":"","scores":[{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60496","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60544","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60548","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60536","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60519","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60535","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14317"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135175?format=json","purl":"pkg:deb/debian/wolfssl@4.2.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.2.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2019-14317"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e4m1-1zta-abaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105524?format=json","vulnerability_id":"VCID-e98p-q5xr-gubt","summary":"Heap-based buffer overflow in the KCAPI ECC code path of wc_ecc_import_x963_ex() in wolfSSL wolfcrypt allows a remote attacker to write attacker-controlled data past the bounds of the pubkey_raw buffer via a crafted oversized EC public key point. The WOLFSSL_KCAPI_ECC code path copies the input to key->pubkey_raw (132 bytes) using XMEMCPY without a bounds check, unlike the ATECC code path which includes a length validation. This can be triggered during TLS key exchange when a malicious peer sends a crafted ECPoint in ServerKeyExchange.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4395","reference_id":"","reference_type":"","scores":[{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34485","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34501","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34465","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34422","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4395"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4395","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4395"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9988","reference_id":"9988","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/AU:Y/R:U/V:D/RE:L/U:Amber"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T17:09:25Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9988"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135213?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-4395"],"risk_score":0.6,"exploitability":"0.5","weighted_severity":"1.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e98p-q5xr-gubt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105487?format=json","vulnerability_id":"VCID-eak1-udnd-wkd5","summary":"The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against a side-channel attacker with cache-line resolution. In a controlled environment such as Intel SGX, an attacker can gain a per instruction sub-cache-line resolution allowing them to break the cache-line-level protection. For details on the attack refer to:  https://doi.org/10.46586/tches.v2024.i1.457-500","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1543","reference_id":"","reference_type":"","scores":[{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12716","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12601","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12632","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12713","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12683","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1543"},{"reference_url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-566-dec-19-2023","reference_id":"ChangeLog.md#wolfssl-release-566-dec-19-2023","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-30T14:19:28Z/"}],"url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-566-dec-19-2023"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135190?format=json","purl":"pkg:deb/debian/wolfssl@5.6.6-1.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.6.6-1.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2024-1543"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eak1-udnd-wkd5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105507?format=json","vulnerability_id":"VCID-ezsk-1v36-g3ca","summary":"In the OpenSSL compatibility layer implementation, the function RAND_poll() was not behaving as expected and leading to the potential for predictable values returned from RAND_bytes() after fork() is called. This can lead to weak or predictable random numbers generated in applications that are both using RAND_bytes() and doing fork() operations. This only affects applications explicitly calling RAND_bytes() after fork() and does not affect any internal TLS operations. Although RAND_bytes() documentation in OpenSSL calls out not being safe for use with fork() without first calling RAND_poll(), an additional code change was also made in wolfSSL to make RAND_bytes() behave similar to OpenSSL after a fork() call without calling RAND_poll(). Now the Hash-DRBG used gets reseeded after detecting running in a new process. If making use of RAND_bytes() and calling fork() we recommend updating to the latest version of wolfSSL. Thanks to Per Allansson from Appgate for the report.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7394","reference_id":"","reference_type":"","scores":[{"value":"0.00308","scoring_system":"epss","scoring_elements":"0.54301","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00308","scoring_system":"epss","scoring_elements":"0.5431","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00308","scoring_system":"epss","scoring_elements":"0.54299","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00308","scoring_system":"epss","scoring_elements":"0.54276","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7394"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7394","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7394"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109549","reference_id":"1109549","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109549"},{"reference_url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-582-july-17-2025","reference_id":"ChangeLog.md#wolfssl-release-582-july-17-2025","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-21T15:00:11Z/"}],"url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-582-july-17-2025"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135211?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2025-7394"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ezsk-1v36-g3ca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45670?format=json","vulnerability_id":"VCID-f3m4-vk2w-jbcq","summary":"Improper Certificate Validation\nIf a TLS 1.3 client gets neither a PSK (pre shared key) extension nor a KSE (key share extension) when connecting to a malicious server, a default predictable buffer gets used for the IKM (Input Keying Material) value when generating the session master secret. Using a potentially known IKM value when generating the session master secret key compromises the key generated, allowing an eavesdropper to reconstruct it and potentially allowing access to or meddling with message contents in the session. This issue does not affect client validation of connected servers, nor expose private key information, but could result in an insecure TLS 1.3 session when not controlling both sides of the connection. wolfSSL recommends that TLS 1.3 client side users update the version of wolfSSL used.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3724","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34376","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.3442","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34435","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34399","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34357","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3724"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3724","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3724"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/6412","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-29T15:53:34Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/6412"},{"reference_url":"https://www.wolfssl.com/docs/security-vulnerabilities/","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-29T15:53:34Z/"}],"url":"https://www.wolfssl.com/docs/security-vulnerabilities/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041699","reference_id":"1041699","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041699"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3724","reference_id":"CVE-2023-3724","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135188?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135189?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2023-3724"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f3m4-vk2w-jbcq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105489?format=json","vulnerability_id":"VCID-f514-rnc3-x3f1","summary":"Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the RsaKey structure.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1545","reference_id":"","reference_type":"","scores":[{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46138","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46173","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46175","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46153","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46127","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1545"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/7167","reference_id":"7167","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-30T14:19:14Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/7167"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable","reference_id":"v5.7.0-stable","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-30T14:19:14Z/"}],"url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135191?format=json","purl":"pkg:deb/debian/wolfssl@5.7.0-0.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.0-0.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2024-1545"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f514-rnc3-x3f1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105518?format=json","vulnerability_id":"VCID-fabz-xh3m-rkg6","summary":"Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string, and a stack-based overflow for sufficiently sized CRL numbers. With appropriately crafted CRLs, either of these out of bound writes could be triggered. Note this only affects builds that specifically enable CRL support, and the user would need to load a CRL from an untrusted source.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3548","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10621","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10716","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10741","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10706","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3548"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3548"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9628/","reference_id":"9628","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-19T18:00:17Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9628/"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9873/","reference_id":"9873","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-19T18:00:17Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9873/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135213?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-3548"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fabz-xh3m-rkg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53940?format=json","vulnerability_id":"VCID-fc7c-qf8m-2fdt","summary":"Out-of-bounds Write\nRsaPad_PSS in `wolfcrypt/src/rsa.c` in wolfSSL has an out-of-bounds write for certain relationships between key size and digest size.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36177","reference_id":"","reference_type":"","scores":[{"value":"0.00629","scoring_system":"epss","scoring_elements":"0.70642","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00629","scoring_system":"epss","scoring_elements":"0.70685","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00629","scoring_system":"epss","scoring_elements":"0.70692","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00629","scoring_system":"epss","scoring_elements":"0.70675","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00629","scoring_system":"epss","scoring_elements":"0.70664","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36177"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979534","reference_id":"979534","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979534"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-36177","reference_id":"CVE-2020-36177","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-36177"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135181?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2020-36177"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fc7c-qf8m-2fdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105498?format=json","vulnerability_id":"VCID-fkap-zb8t-pqb3","summary":"Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows for downgrading the signature algorithm used. For example when a client sends ECDSA P521 as the supported signature algorithm the server previously could respond as ECDSA P256 being the accepted signature algorithm and the connection would continue with using ECDSA P256, if the client supports ECDSA P256.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11934","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05031","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05052","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05037","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05029","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04991","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11934"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121199","reference_id":"1121199","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121199"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9113","reference_id":"9113","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T16:22:47Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9113"},{"reference_url":"https://github.com/wolfSSL/wolfssl","reference_id":"wolfssl","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T16:22:47Z/"}],"url":"https://github.com/wolfSSL/wolfssl"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135196?format=json","purl":"pkg:deb/debian/wolfssl@5.8.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.8.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2025-11934"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fkap-zb8t-pqb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105467?format=json","vulnerability_id":"VCID-gm24-s4s5-mka3","summary":"wolfSSL and wolfCrypt 4.0.0 and earlier (when configured without --enable-fpecc, --enable-sp, or --enable-sp-math) contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to precisely measure the duration of signature operations, to infer information about the nonces used and potentially mount a lattice attack to recover the private key used. The issue occurs because ecc.c scalar multiplication might leak the bit length.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13628","reference_id":"","reference_type":"","scores":[{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34514","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34576","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34558","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34591","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34628","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34611","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13628"},{"reference_url":"https://eprint.iacr.org/2011/232.pdf","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://eprint.iacr.org/2011/232.pdf"},{"reference_url":"https://github.com/wolfSSL/wolfcrypt-py","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/wolfSSL/wolfcrypt-py"},{"reference_url":"https://minerva.crocs.fi.muni.cz","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://minerva.crocs.fi.muni.cz"},{"reference_url":"https://minerva.crocs.fi.muni.cz/","reference_id":"","reference_type":"","scores":[],"url":"https://minerva.crocs.fi.muni.cz/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-13628","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-13628"},{"reference_url":"https://tches.iacr.org/index.php/TCHES/article/view/7337","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tches.iacr.org/index.php/TCHES/article/view/7337"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/10/02/2","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2019/10/02/2"},{"reference_url":"https://github.com/advisories/GHSA-q95h-vc86-hv77","reference_id":"GHSA-q95h-vc86-hv77","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q95h-vc86-hv77"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135174?format=json","purl":"pkg:deb/debian/wolfssl@4.1.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.1.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2019-13628","GHSA-q95h-vc86-hv77"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gm24-s4s5-mka3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105444?format=json","vulnerability_id":"VCID-h8ee-sx26-qye9","summary":"wolfssl before 3.2.0 has a server certificate that is not properly authorized for server authentication.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2904","reference_id":"","reference_type":"","scores":[{"value":"0.00228","scoring_system":"epss","scoring_elements":"0.45639","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00228","scoring_system":"epss","scoring_elements":"0.45707","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00228","scoring_system":"epss","scoring_elements":"0.4571","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00228","scoring_system":"epss","scoring_elements":"0.45691","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00228","scoring_system":"epss","scoring_elements":"0.45665","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00228","scoring_system":"epss","scoring_elements":"0.45679","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2904"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792646","reference_id":"792646","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792646"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135149?format=json","purl":"pkg:deb/debian/wolfssl@3.4.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.4.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2014-2904"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h8ee-sx26-qye9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105505?format=json","vulnerability_id":"VCID-huka-48kh-efg3","summary":"Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into non-constant-time binary by LLVM optimizations, which can potentially result in observable timing discrepancies and lead to information disclosure through timing side-channel attacks.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13912","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03888","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03854","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0387","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03891","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03876","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13912"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9148","reference_id":"9148","reference_type":"","scores":[{"value":"1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-11T19:19:06Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9148"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135196?format=json","purl":"pkg:deb/debian/wolfssl@5.8.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.8.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2025-13912"],"risk_score":0.5,"exploitability":"0.5","weighted_severity":"0.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-huka-48kh-efg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105543?format=json","vulnerability_id":"VCID-jjrt-dss6-9fhj","summary":"A 1-byte stack buffer over-read was identified in the MatchDomainName function (src/internal.c) during wildcard hostname validation when the LEFT_MOST_WILDCARD_ONLY flag is active.  If a wildcard * exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check, which could cause a crash.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5772","reference_id":"","reference_type":"","scores":[{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14715","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14722","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.1468","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14597","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5772"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/10119","reference_id":"10119","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T13:52:51Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/10119"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5772"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jjrt-dss6-9fhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105523?format=json","vulnerability_id":"VCID-jshn-yg13-g3hj","summary":"1-byte OOB heap read in wc_PKCS7_DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte out-of-bounds heap read in wc_PKCS7_DecodeEnvelopedData could be triggered by a crafted CMS EnvelopedData message with zero-length encrypted content. Note that PKCS7 support is disabled by default.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4159","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05025","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05009","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05002","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04964","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4159"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4159","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4159"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9945","reference_id":"9945","reference_type":"","scores":[{"value":"1.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T16:28:57Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9945"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135213?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-4159"],"risk_score":0.6,"exploitability":"0.5","weighted_severity":"1.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jshn-yg13-g3hj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105482?format=json","vulnerability_id":"VCID-k7x3-kux9-6qg1","summary":"An issue was discovered in wolfSSL before 5.5.0. A fault injection attack on RAM via Rowhammer leads to ECDSA key disclosure. Users performing signing operations with private ECC keys, such as in server-side TLS connections, might leak faulty ECC signatures. These signatures can be processed via an advanced technique for ECDSA key recovery. (In 5.5.0 and later, WOLFSSL_CHECK_SIG_FAULTS can be used to address the vulnerability.)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42961","reference_id":"","reference_type":"","scores":[{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52299","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52278","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.5226","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.5232","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52327","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52307","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42961"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.0-stable","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-14T14:43:21Z/"}],"url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.0-stable"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023574","reference_id":"1023574","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023574"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42961","reference_id":"CVE-2022-42961","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42961"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135187?format=json","purl":"pkg:deb/debian/wolfssl@5.5.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2022-42961"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k7x3-kux9-6qg1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105448?format=json","vulnerability_id":"VCID-knqh-3v2s-vqg2","summary":"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6496.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6494.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6494.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6494","reference_id":"","reference_type":"","scores":[{"value":"0.01023","scoring_system":"epss","scoring_elements":"0.77596","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01023","scoring_system":"epss","scoring_elements":"0.77624","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01023","scoring_system":"epss","scoring_elements":"0.77632","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01023","scoring_system":"epss","scoring_elements":"0.77623","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01023","scoring_system":"epss","scoring_elements":"0.77611","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01023","scoring_system":"epss","scoring_elements":"0.77631","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153484","reference_id":"1153484","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153484"},{"reference_url":"https://security.gentoo.org/glsa/201411-02","reference_id":"GLSA-201411-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-02"},{"reference_url":"https://usn.ubuntu.com/2384-1/","reference_id":"USN-2384-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2384-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135158?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2014-6494"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-knqh-3v2s-vqg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105449?format=json","vulnerability_id":"VCID-m1e2-35p2-qugh","summary":"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6495.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6495.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6495","reference_id":"","reference_type":"","scores":[{"value":"0.00558","scoring_system":"epss","scoring_elements":"0.68589","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00558","scoring_system":"epss","scoring_elements":"0.6863","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00558","scoring_system":"epss","scoring_elements":"0.68637","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00558","scoring_system":"epss","scoring_elements":"0.68615","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00558","scoring_system":"epss","scoring_elements":"0.68633","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6495"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153485","reference_id":"1153485","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153485"},{"reference_url":"https://usn.ubuntu.com/2384-1/","reference_id":"USN-2384-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2384-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135158?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2014-6495"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m1e2-35p2-qugh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105516?format=json","vulnerability_id":"VCID-mftr-77sh-abbu","summary":"Protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during Keccak-based expansion.     This issue affects wolfSSL (wolfCrypt): commit hash d86575c766e6e67ef93545fa69c04d6eb49400c6.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3503","reference_id":"","reference_type":"","scores":[{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.0076","published_at":"2026-06-07T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00763","published_at":"2026-06-06T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00755","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3503"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9734","reference_id":"9734","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N/U:Amber"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T19:24:29Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9734"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135213?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-3503"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mftr-77sh-abbu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105476?format=json","vulnerability_id":"VCID-mr45-hujp-d3a3","summary":"wolfSSL through 5.0.0 allows an attacker to cause a denial of service and infinite loop in the client component by sending crafted traffic from a Machine-in-the-Middle (MITM) position. The root cause is that the client module accepts TLS messages that normally are only sent to TLS servers.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44718","reference_id":"","reference_type":"","scores":[{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42782","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42856","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42867","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42843","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42806","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42816","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44718"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44718","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44718"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/releases"},{"reference_url":"https://www.wolfssl.com/docs/security-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"https://www.wolfssl.com/docs/security-vulnerabilities/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44718","reference_id":"CVE-2021-44718","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44718"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135184?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135185?format=json","purl":"pkg:deb/debian/wolfssl@5.1.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.1.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2021-44718"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mr45-hujp-d3a3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105474?format=json","vulnerability_id":"VCID-mzy9-xubk-qqb1","summary":"An issue was discovered in wolfSSL before 4.3.0 in a non-default configuration where DSA is enabled. DSA signing uses the BEEA algorithm during modular inversion of the nonce, leading to a side-channel attack against the nonce.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19963","reference_id":"","reference_type":"","scores":[{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58165","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58214","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58223","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58212","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58197","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19963"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19963","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19963"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135178?format=json","purl":"pkg:deb/debian/wolfssl@4.3.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.3.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2019-19963"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mzy9-xubk-qqb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105534?format=json","vulnerability_id":"VCID-n6qk-usr9-aff6","summary":"A heap use-after-free exists in wolfSSL's TLS 1.3 post-quantum cryptography (PQC) hybrid KeyShare processing. In the error handling path of TLSX_KeyShare_ProcessPqcHybridClient() in src/tls.c, the inner function TLSX_KeyShare_ProcessPqcClient_ex() frees a KyberKey object upon encountering an error. The caller then invokes TLSX_KeyShare_FreeAll(), which attempts to call ForceZero() on the already-freed KyberKey, resulting in writes of zero bytes over freed heap memory.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5460","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16618","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16615","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16573","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16491","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5460"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5460"},{"reference_url":"https://github.com/wolfssl/wolfssl/pull/10092","reference_id":"10092","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T13:51:11Z/"}],"url":"https://github.com/wolfssl/wolfssl/pull/10092"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5460"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n6qk-usr9-aff6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105508?format=json","vulnerability_id":"VCID-n7uc-ujqj-gkb9","summary":"A certificate verification error in wolfSSL when building with the WOLFSSL_SYS_CA_CERTS and WOLFSSL_APPLE_NATIVE_CERT_VALIDATION options results in the wolfSSL  client failing to properly verify the server certificate's domain name,  allowing any certificate issued by a trusted CA to be accepted regardless of the hostname.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7395","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39046","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39051","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39022","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38995","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7395"},{"reference_url":"http://github.com/wolfssl/wolfssl.git","reference_id":"wolfssl.git","reference_type":"","scores":[{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/AU:Y/V:D/U:Red"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-21T14:56:37Z/"}],"url":"http://github.com/wolfssl/wolfssl.git"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135158?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2025-7395"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n7uc-ujqj-gkb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105471?format=json","vulnerability_id":"VCID-npu9-k97x-myeu","summary":"In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity checks of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer overflow inside the DecodedCert structure in GetName in wolfcrypt/src/asn.c because the domain name location index is mishandled. Because a pointer is overwritten, there is an invalid free.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18840","reference_id":"","reference_type":"","scores":[{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61711","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.6176","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61768","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61756","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61741","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61759","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18840"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135177?format=json","purl":"pkg:deb/debian/wolfssl@4.2.0%2Bdfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.2.0%252Bdfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2019-18840"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-npu9-k97x-myeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105492?format=json","vulnerability_id":"VCID-nrtb-n1c6-33eq","summary":"A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello.  https://doi.org/10.46586/tches.v2024.i1.457-500","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5814","reference_id":"","reference_type":"","scores":[{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.4451","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44453","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44466","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44502","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44488","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5814"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081791","reference_id":"1081791","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081791"},{"reference_url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#add_later","reference_id":"ChangeLog.md#add_later","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y/V:D/RE:M/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-27T19:18:34Z/"}],"url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#add_later"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135192?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2024-5814"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nrtb-n1c6-33eq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105512?format=json","vulnerability_id":"VCID-p421-a8ef-kbaj","summary":"In wolfSSL 5.8.2 and earlier, a logic flaw existed in the TLS 1.2 server state machine implementation. The server could incorrectly accept the CertificateVerify message before the ClientKeyExchange message had been received. This issue affects wolfSSL before 5.8.4 (wolfSSL 5.8.2 and earlier is vulnerable, 5.8.4 is not vulnerable). In 5.8.4 wolfSSL would detect the issue later in the handshake. 5.9.0 was further hardened to catch the issue earlier in the handshake.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2645","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0685","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06854","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06839","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06802","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2645"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2645","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2645"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9694","reference_id":"9694","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:45:34Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135213?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-2645"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p421-a8ef-kbaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105520?format=json","vulnerability_id":"VCID-paec-uwhh-73dv","summary":"wolfSSL 5.8.4 on RISC-V RV32I architectures lacks a constant-time software implementation for 64-bit multiplication. The compiler-inserted __muldi3 subroutine executes in variable time based on operand values. This affects multiple SP math functions (sp_256_mul_9, sp_256_sqr_9, etc.), leading to a timing side-channel that may expose sensitive cryptographic data.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3579","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01731","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01737","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01736","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01728","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3579"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9855","reference_id":"9855","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T01:36:44Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9855"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135213?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-3579"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-paec-uwhh-73dv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105528?format=json","vulnerability_id":"VCID-pnut-n5we-fuca","summary":"Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5264","reference_id":"","reference_type":"","scores":[{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33531","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33546","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33511","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33478","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5264"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5264","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5264"},{"reference_url":"https://github.com/wolfssl/wolfssl/pull/10076","reference_id":"10076","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-10T13:55:34Z/"}],"url":"https://github.com/wolfssl/wolfssl/pull/10076"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5264"],"risk_score":3.8,"exploitability":"0.5","weighted_severity":"7.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pnut-n5we-fuca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105495?format=json","vulnerability_id":"VCID-ppc5-5jyj-d7dj","summary":"Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wc_XChaCha20Poly1305_Decrypt() which is not used with TLS connections, only from direct calls from an application.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11931","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.0743","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07364","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07374","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07423","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07407","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11931"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11931","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11931"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121196","reference_id":"1121196","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121196"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9223","reference_id":"9223","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T15:41:59Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9223"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135196?format=json","purl":"pkg:deb/debian/wolfssl@5.8.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.8.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2025-11931"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ppc5-5jyj-d7dj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105515?format=json","vulnerability_id":"VCID-qgwk-pnn4-bbd7","summary":"Missing required cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in wolfSSL could lead to a compromise in the confidentiality of TLS-protected communications via a crafted HelloRetryRequest followed by a ServerHello message that omits the required key_share extension, resulting in derivation of predictable traffic secrets from (EC)DHE shared secret. This issue does not affect the client's authentication of the server during TLS handshakes.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3230","reference_id":"","reference_type":"","scores":[{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.23037","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.23023","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22979","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22924","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3230"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3230","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3230"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9754","reference_id":"9754","reference_type":"","scores":[{"value":"1.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/AU:Y/R:A/V:D/U:Clear"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T17:08:54Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9754"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135213?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-3230"],"risk_score":0.6,"exploitability":"0.5","weighted_severity":"1.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qgwk-pnn4-bbd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105456?format=json","vulnerability_id":"VCID-rc3e-4puk-13ap","summary":"The C software implementation of RSA in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7439","reference_id":"","reference_type":"","scores":[{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31858","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31929","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31898","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31859","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31826","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.3185","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7439"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7439","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7439"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135161?format=json","purl":"pkg:deb/debian/wolfssl@3.9.10%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.9.10%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2016-7439"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rc3e-4puk-13ap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105537?format=json","vulnerability_id":"VCID-rqn3-sg87-1fa7","summary":"In wolfSSL's EVP layer, the ChaCha20-Poly1305 AEAD decryption path in wolfSSL_EVP_CipherFinal (and related EVP cipher finalization functions) fails to verify the authentication tag before returning plaintext to the caller. When an application uses the EVP API to perform ChaCha20-Poly1305 decryption, the implementation computes or accepts the tag but does not compare it against the expected value.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5479","reference_id":"","reference_type":"","scores":[{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00138","published_at":"2026-06-06T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00136","published_at":"2026-06-07T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00134","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5479"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/10102","reference_id":"10102","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T13:43:58Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/10102"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5479"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rqn3-sg87-1fa7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105519?format=json","vulnerability_id":"VCID-s387-qv17-8ud6","summary":"Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic when calculating a buffer length, which resulted in writing beyond the bounds of an allocated buffer. Note that in wolfSSL, ECH is off by default, and the ECH standard is still evolving.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3549","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08188","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08202","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08186","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08135","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3549"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3549","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3549"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9817","reference_id":"9817","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:L/SI:L/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-24T01:37:47Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9817"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135213?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-3549"],"risk_score":3.8,"exploitability":"0.5","weighted_severity":"7.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s387-qv17-8ud6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105450?format=json","vulnerability_id":"VCID-s4vc-x6a8-j3dv","summary":"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6494.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6496.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6496.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6496","reference_id":"","reference_type":"","scores":[{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.66104","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.66156","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.66166","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.6615","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.66138","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153486","reference_id":"1153486","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153486"},{"reference_url":"https://security.gentoo.org/glsa/201411-02","reference_id":"GLSA-201411-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-02"},{"reference_url":"https://usn.ubuntu.com/2384-1/","reference_id":"USN-2384-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2384-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135158?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2014-6496"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s4vc-x6a8-j3dv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105465?format=json","vulnerability_id":"VCID-s7dg-acft-uqgk","summary":"It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. This may lead to leakage of sensible data.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16870","reference_id":"","reference_type":"","scores":[{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40215","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40297","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.403","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40272","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40243","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40257","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16870"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16870","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16870"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918952","reference_id":"918952","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918952"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135174?format=json","purl":"pkg:deb/debian/wolfssl@4.1.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.1.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2018-16870"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s7dg-acft-uqgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105521?format=json","vulnerability_id":"VCID-sev9-tcsx-kqcb","summary":"In wolfSSL 5.8.4, constant-time masking logic in sp_256_get_entry_256_9 is optimized into conditional branches (bnez) by GCC when targeting RISC-V RV32I with -O3. This transformation breaks the side-channel resistance of ECC scalar multiplication, potentially allowing a local attacker to recover secret keys via timing analysis.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3580","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00426","published_at":"2026-06-05T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00427","published_at":"2026-06-06T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00422","published_at":"2026-06-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0042","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3580"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3580","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3580"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9855","reference_id":"9855","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T20:25:11Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9855"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135213?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-3580"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sev9-tcsx-kqcb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105479?format=json","vulnerability_id":"VCID-skb2-gpvv-8bef","summary":"An issue was discovered in wolfSSL before 5.5.0 (when --enable-session-ticket is used); however, only version 5.3.0 is exploitable. Man-in-the-middle attackers or a malicious server can crash TLS 1.2 clients during a handshake. If an attacker injects a large ticket (more than 256 bytes) into a NewSessionTicket message in a TLS 1.2 handshake, and the client has a non-empty session cache, the session cache frees a pointer that points to unallocated memory, causing the client to crash with a \"free(): invalid pointer\" message. NOTE: It is likely that this is also exploitable during TLS 1.3 handshakes between a client and a malicious server. With TLS 1.3, it is not possible to exploit this as a man-in-the-middle.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38153","reference_id":"","reference_type":"","scores":[{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68905","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68944","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68953","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68946","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68929","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68948","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38153"},{"reference_url":"https://github.com/trailofbits/tlspuffin","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/trailofbits/tlspuffin"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/5476","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/pull/5476"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/releases"},{"reference_url":"https://www.wolfssl.com/docs/security-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"https://www.wolfssl.com/docs/security-vulnerabilities/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021021","reference_id":"1021021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021021"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-38153","reference_id":"CVE-2022-38153","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-38153"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135158?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135187?format=json","purl":"pkg:deb/debian/wolfssl@5.5.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2022-38153"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-skb2-gpvv-8bef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105480?format=json","vulnerability_id":"VCID-stem-b9ex-mqgh","summary":"In wolfSSL before 5.5.1, malicious clients can cause a buffer overflow during a TLS 1.3 handshake. This occurs when an attacker supposedly resumes a previous TLS session. During the resumption Client Hello a Hello Retry Request must be triggered. Both Client Hellos are required to contain a list of duplicate cipher suites to trigger the buffer overflow. In total, two Client Hellos have to be sent: one in the resumed session, and a second one as a response to a Hello Retry Request message.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39173","reference_id":"","reference_type":"","scores":[{"value":"0.01374","scoring_system":"epss","scoring_elements":"0.80617","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01374","scoring_system":"epss","scoring_elements":"0.80602","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01374","scoring_system":"epss","scoring_elements":"0.80604","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01374","scoring_system":"epss","scoring_elements":"0.80601","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01374","scoring_system":"epss","scoring_elements":"0.80597","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01374","scoring_system":"epss","scoring_elements":"0.80576","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39173"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39173","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39173"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:43:15Z/"}],"url":"https://github.com/wolfSSL/wolfssl/releases"},{"reference_url":"https://www.wolfssl.com/docs/security-vulnerabilities/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:43:15Z/"}],"url":"https://www.wolfssl.com/docs/security-vulnerabilities/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021021","reference_id":"1021021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021021"},{"reference_url":"http://seclists.org/fulldisclosure/2022/Oct/24","reference_id":"24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:43:15Z/"}],"url":"http://seclists.org/fulldisclosure/2022/Oct/24"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-39173","reference_id":"CVE-2022-39173","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-39173"},{"reference_url":"http://packetstormsecurity.com/files/169600/wolfSSL-Buffer-Overflow.html","reference_id":"wolfSSL-Buffer-Overflow.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:43:15Z/"}],"url":"http://packetstormsecurity.com/files/169600/wolfSSL-Buffer-Overflow.html"},{"reference_url":"https://blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/","reference_id":"wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:43:15Z/"}],"url":"https://blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135187?format=json","purl":"pkg:deb/debian/wolfssl@5.5.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2022-39173"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-stem-b9ex-mqgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105522?format=json","vulnerability_id":"VCID-suaj-zjx7-2kc1","summary":"Stack Buffer Overflow in wc_HpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH (Encrypted Client Hello) support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client side, leading to potential remote execution and client program crash. This could be exploited by a malicious TLS server supporting ECH. Note that ECH is off by default, and is only enabled with enable-ech.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3849","reference_id":"","reference_type":"","scores":[{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45535","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45539","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45518","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45494","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3849"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3849","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3849"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9737","reference_id":"9737","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/V:D/RE:M/U:Amber"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T14:21:05Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9737"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135213?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-3849"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-suaj-zjx7-2kc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42514?format=json","vulnerability_id":"VCID-swcn-s2dj-hqhp","summary":"Improper Authentication\nIn wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual authentication. A client can simply omit the `certificate_verify` message from the handshake, and never present a certificate.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25640","reference_id":"","reference_type":"","scores":[{"value":"0.05102","scoring_system":"epss","scoring_elements":"0.89996","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05102","scoring_system":"epss","scoring_elements":"0.90011","published_at":"2026-06-06T12:55:00Z"},{"value":"0.05102","scoring_system":"epss","scoring_elements":"0.90008","published_at":"2026-06-07T12:55:00Z"},{"value":"0.05102","scoring_system":"epss","scoring_elements":"0.90007","published_at":"2026-06-08T12:55:00Z"},{"value":"0.05102","scoring_system":"epss","scoring_elements":"0.90021","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25640"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25640","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25640"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/4831","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/pull/4831"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25640","reference_id":"CVE-2022-25640","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25640"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135184?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135186?format=json","purl":"pkg:deb/debian/wolfssl@5.2.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.2.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2022-25640"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-swcn-s2dj-hqhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105485?format=json","vulnerability_id":"VCID-u7zx-6yd7-f3ff","summary":"wolfSSL prior to 5.6.6 did not check that messages in one (D)TLS record do not span key boundaries. As a result, it was possible to combine (D)TLS messages using different keys into one (D)TLS record. The most extreme edge case is that, in (D)TLS 1.3, it was possible that an unencrypted (D)TLS 1.3 record from the server containing first a ServerHello message and then the rest of the first server flight would be accepted by a wolfSSL client. In (D)TLS 1.3 the handshake is encrypted after the ServerHello but a wolfSSL client would accept an unencrypted flight from the server. This does not compromise key negotiation and authentication so it is assigned a low severity rating.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6937","reference_id":"","reference_type":"","scores":[{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63613","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63607","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63614","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63605","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63594","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6937"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059357","reference_id":"1059357","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059357"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/7029","reference_id":"7029","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-24T15:13:21Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/7029"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135190?format=json","purl":"pkg:deb/debian/wolfssl@5.6.6-1.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.6.6-1.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2023-6937"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u7zx-6yd7-f3ff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105453?format=json","vulnerability_id":"VCID-uq1a-kpsx-yfgp","summary":"wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults associated with the Chinese Remainder Theorem (CRT) process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote attackers to obtain private RSA keys by capturing TLS handshakes, aka a Lenstra attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7744.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7744.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7744","reference_id":"","reference_type":"","scores":[{"value":"0.02676","scoring_system":"epss","scoring_elements":"0.86109","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02676","scoring_system":"epss","scoring_elements":"0.8613","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02676","scoring_system":"epss","scoring_elements":"0.86133","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02676","scoring_system":"epss","scoring_elements":"0.86118","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02676","scoring_system":"epss","scoring_elements":"0.86131","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7744"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301488","reference_id":"1301488","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301488"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135161?format=json","purl":"pkg:deb/debian/wolfssl@3.9.10%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.9.10%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2015-7744"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uq1a-kpsx-yfgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105441?format=json","vulnerability_id":"VCID-uqeg-t2mr-xya4","summary":"wolfssl before 3.2.0 does not properly authorize CA certificate for signing other certificates.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2902","reference_id":"","reference_type":"","scores":[{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44642","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44712","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44719","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44697","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44665","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44679","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2902"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792646","reference_id":"792646","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792646"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135149?format=json","purl":"pkg:deb/debian/wolfssl@3.4.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.4.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2014-2902"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uqeg-t2mr-xya4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105501?format=json","vulnerability_id":"VCID-v696-3bjc-u3ah","summary":"Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cause a denial-of-service by sending a crafted ClientHello message containing duplicate KeyShareEntry values for the same supported group, leading to excessive CPU and memory consumption during ClientHello processing.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11936","reference_id":"","reference_type":"","scores":[{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15778","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15889","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.1588","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.1584","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15755","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11936"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11936","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11936"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121202","reference_id":"1121202","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121202"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9117","reference_id":"9117","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T16:19:13Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9117"},{"reference_url":"https://github.com/wolfSSL/wolfssl","reference_id":"wolfssl","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T16:19:13Z/"}],"url":"https://github.com/wolfSSL/wolfssl"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135196?format=json","purl":"pkg:deb/debian/wolfssl@5.8.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.8.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2025-11936"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v696-3bjc-u3ah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42508?format=json","vulnerability_id":"VCID-vk5e-46tz-qybc","summary":"Improper Certificate Validation\nIn wolfSSL before 5.2.0, certificate validation may be bypassed during attempted authentication by a TLS 1.3 client to a TLS 1.3 server. This occurs when the `sig_algo` field differs between the `certificate_verify` message and the certificate message.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25638","reference_id":"","reference_type":"","scores":[{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.3456","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34658","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34675","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34639","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34604","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34623","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25638"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/4813","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/pull/4813"},{"reference_url":"https://www.wolfssl.com/docs/security-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"https://www.wolfssl.com/docs/security-vulnerabilities/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25638","reference_id":"CVE-2022-25638","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25638"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135184?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135186?format=json","purl":"pkg:deb/debian/wolfssl@5.2.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.2.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2022-25638"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vk5e-46tz-qybc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105529?format=json","vulnerability_id":"VCID-vpm8-dk9k-ffdd","summary":"A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wc_PKCS7_DecryptOri() function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo (ORI) recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer (oriOID[MAX_OID_SZ]) via XMEMCPY without first validating that the parsed OID length does not exceed MAX_OID_SZ. A crafted CMS EnvelopedData message with an ORI recipient containing an OID longer than 32 bytes triggers a stack buffer overflow. Exploitation requires the library to be built with --enable-pkcs7 (disabled by default) and the application to have registered an ORI decrypt callback via wc_PKCS7_SetOriDecryptCb().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5295","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05015","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04999","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04992","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04952","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5295"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5295","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5295"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/10116","reference_id":"10116","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T14:32:50Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/10116"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5295"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vpm8-dk9k-ffdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105446?format=json","vulnerability_id":"VCID-vtwt-uw9v-muej","summary":"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6478.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6478.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6478","reference_id":"","reference_type":"","scores":[{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.662","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.66252","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.6626","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.66244","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.6623","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.66248","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153466","reference_id":"1153466","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153466"},{"reference_url":"https://usn.ubuntu.com/2384-1/","reference_id":"USN-2384-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2384-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135158?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2014-6478"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vtwt-uw9v-muej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105459?format=json","vulnerability_id":"VCID-w574-d43x-s3d7","summary":"A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL through 3.10.2 resulting in potential certificate validation vulnerabilities, denial of service and possible remote code execution. In order to trigger this vulnerability, the attacker needs to supply a malicious x509 certificate to either a server or a client application using this library.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-2800","reference_id":"","reference_type":"","scores":[{"value":"0.08887","scoring_system":"epss","scoring_elements":"0.92708","published_at":"2026-06-04T12:55:00Z"},{"value":"0.08887","scoring_system":"epss","scoring_elements":"0.9272","published_at":"2026-06-05T12:55:00Z"},{"value":"0.08887","scoring_system":"epss","scoring_elements":"0.92716","published_at":"2026-06-06T12:55:00Z"},{"value":"0.08887","scoring_system":"epss","scoring_elements":"0.92711","published_at":"2026-06-07T12:55:00Z"},{"value":"0.08887","scoring_system":"epss","scoring_elements":"0.92709","published_at":"2026-06-08T12:55:00Z"},{"value":"0.08887","scoring_system":"epss","scoring_elements":"0.92726","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2800"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862154","reference_id":"862154","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862154"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41984.txt","reference_id":"CVE-2017-2800","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41984.txt"},{"reference_url":"http://www.talosintelligence.com/reports/TALOS-2017-0293/","reference_id":"CVE-2017-2800","reference_type":"exploit","scores":[],"url":"http://www.talosintelligence.com/reports/TALOS-2017-0293/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135167?format=json","purl":"pkg:deb/debian/wolfssl@3.12.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.12.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2017-2800"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w574-d43x-s3d7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52908?format=json","vulnerability_id":"VCID-wb19-9qcw-gkat","summary":"Improper Input Validation\nwolfSSL mishandles the change_cipher_spec (CCS) message processing logic for TLS If an attacker sends `ChangeCipherSpec` messages in a crafted way involving more than one in a row, the server becomes stuck in the `ProcessReply()` loop, i.e., a denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12457","reference_id":"","reference_type":"","scores":[{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.6484","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64882","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64892","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64881","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.6487","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64887","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12457"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12457","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12457"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969663","reference_id":"969663","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969663"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-12457","reference_id":"CVE-2020-12457","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-12457"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135180?format=json","purl":"pkg:deb/debian/wolfssl@4.5.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.5.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2020-12457"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wb19-9qcw-gkat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62927?format=json","vulnerability_id":"VCID-x2gy-yhg2-b3hb","summary":"wolfSSL: wolfSSL: Reduced security of ECDSA authentication via missing digest size checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5194.json","reference_id":"","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5194.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5194","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.0548","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05463","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05423","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05462","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5194"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5194","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5194"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/10131","reference_id":"10131","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:H/SI:L/SA:L/U:Red"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T18:05:44Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/10131"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457041","reference_id":"2457041","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457041"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5194"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x2gy-yhg2-b3hb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105511?format=json","vulnerability_id":"VCID-x87s-328r-jkb8","summary":"Integer underflow in wolfSSL packet sniffer <= 5.8.4 allows an attacker to cause a buffer overflow in the AEAD decryption path by injecting a TLS record shorter than the explicit IV plus authentication tag into traffic inspected by ssl_DecodePacket. The underflow wraps a 16-bit length to a large value that is passed to AEAD decryption routines, causing heap buffer overflow and a crash. An unauthenticated attacker can trigger this remotely via malformed TLS Application Data records.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-1005","reference_id":"","reference_type":"","scores":[{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23368","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23353","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23308","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23254","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-1005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1005"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9571","reference_id":"9571","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:19:54Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9571"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135213?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-1005"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x87s-328r-jkb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105526?format=json","vulnerability_id":"VCID-xanp-uf25-e7hc","summary":"An integer underflow issue exists in wolfSSL when parsing the Subject Alternative Name (SAN) extension of X.509 certificates. A malformed certificate can specify an entry length larger than the enclosing sequence, causing the internal length counter to wrap during parsing. This results in incorrect handling of certificate data. The issue is limited to configurations using the original ASN.1 parsing implementation which is off by default.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5188","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11365","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11357","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11324","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11241","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5188"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5188","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5188"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/10024","reference_id":"10024","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T13:41:44Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/10024"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5188"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xanp-uf25-e7hc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105457?format=json","vulnerability_id":"VCID-xmgu-fqj1-ubay","summary":"The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7440.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7440.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7440","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23614","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.2371","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23694","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23648","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23594","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23601","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7440"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3492","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3492"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5584","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5584"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7440","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7440"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8283"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:N/C:C/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1386584","reference_id":"1386584","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1386584"},{"reference_url":"https://usn.ubuntu.com/3109-1/","reference_id":"USN-3109-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3109-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135161?format=json","purl":"pkg:deb/debian/wolfssl@3.9.10%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.9.10%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2016-7440"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xmgu-fqj1-ubay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105481?format=json","vulnerability_id":"VCID-yb9a-ak36-jfe6","summary":"In wolfSSL before 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS 1.3 client or network attacker can trigger a buffer over-read on the heap of 5 bytes. (WOLFSSL_CALLBACKS is only intended for debugging.)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42905","reference_id":"","reference_type":"","scores":[{"value":"0.06018","scoring_system":"epss","scoring_elements":"0.90893","published_at":"2026-06-09T12:55:00Z"},{"value":"0.06018","scoring_system":"epss","scoring_elements":"0.90884","published_at":"2026-06-05T12:55:00Z"},{"value":"0.06018","scoring_system":"epss","scoring_elements":"0.90883","published_at":"2026-06-06T12:55:00Z"},{"value":"0.06018","scoring_system":"epss","scoring_elements":"0.9088","published_at":"2026-06-07T12:55:00Z"},{"value":"0.06018","scoring_system":"epss","scoring_elements":"0.90877","published_at":"2026-06-08T12:55:00Z"},{"value":"0.06018","scoring_system":"epss","scoring_elements":"0.90869","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42905"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42905"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:39:33Z/"}],"url":"https://github.com/wolfSSL/wolfssl/releases"},{"reference_url":"https://www.wolfssl.com/docs/security-vulnerabilities/","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:39:33Z/"}],"url":"https://www.wolfssl.com/docs/security-vulnerabilities/"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jan/11","reference_id":"11","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:39:33Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jan/11"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42905","reference_id":"CVE-2022-42905","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42905"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.2-stable","reference_id":"v5.5.2-stable","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:39:33Z/"}],"url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.2-stable"},{"reference_url":"https://blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/","reference_id":"wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:39:33Z/"}],"url":"https://blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/"},{"reference_url":"http://packetstormsecurity.com/files/170610/wolfSSL-WOLFSSL_CALLBACKS-Heap-Buffer-Over-Read.html","reference_id":"wolfSSL-WOLFSSL_CALLBACKS-Heap-Buffer-Over-Read.html","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:39:33Z/"}],"url":"http://packetstormsecurity.com/files/170610/wolfSSL-WOLFSSL_CALLBACKS-Heap-Buffer-Over-Read.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135187?format=json","purl":"pkg:deb/debian/wolfssl@5.5.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2022-42905"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yb9a-ak36-jfe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105464?format=json","vulnerability_id":"VCID-ynkb-txs2-xubm","summary":"wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12436","reference_id":"","reference_type":"","scores":[{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33682","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33783","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33798","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33764","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.3373","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33755","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12436"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12436","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12436"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901627","reference_id":"901627","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901627"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135173?format=json","purl":"pkg:deb/debian/wolfssl@3.15.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.15.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135150?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7awz-t7tt-8kcp"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-95ja-be1w-9fej"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-ezsk-1v36-g3ca"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135148?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-21yh-r4wn-vycj"},{"vulnerability":"VCID-27g9-3n95-kkbt"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3c4f-5bsw-4fdb"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-5m5d-nsng-3fax"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-7vfv-t74n-nkc9"},{"vulnerability":"VCID-81v7-nqd8-3ufq"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b83f-cerf-w3dj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-eak1-udnd-wkd5"},{"vulnerability":"VCID-f514-rnc3-x3f1"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-nrtb-n1c6-33eq"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-u7zx-6yd7-f3ff"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135152?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4q-9ndy-1fdw"},{"vulnerability":"VCID-1mgs-hqst-n7dc"},{"vulnerability":"VCID-1mu1-swnx-ekdw"},{"vulnerability":"VCID-1v87-8qdx-jkd3"},{"vulnerability":"VCID-1y2r-x2bn-eqfx"},{"vulnerability":"VCID-2mxe-zjgz-eya1"},{"vulnerability":"VCID-3qw3-uf66-9fgh"},{"vulnerability":"VCID-4ew4-thck-5uhw"},{"vulnerability":"VCID-4wdg-hnpa-53da"},{"vulnerability":"VCID-4z69-5qtt-4yc2"},{"vulnerability":"VCID-5cxz-5fy8-t7at"},{"vulnerability":"VCID-6kuu-zu9a-5bc8"},{"vulnerability":"VCID-7pfp-gtnt-s7ch"},{"vulnerability":"VCID-88sp-resj-53g6"},{"vulnerability":"VCID-8f2q-rfdy-bqh6"},{"vulnerability":"VCID-8kpr-8yx2-ukak"},{"vulnerability":"VCID-b235-3xdn-xfbj"},{"vulnerability":"VCID-b8fe-hp5x-dbca"},{"vulnerability":"VCID-cuyv-c1k8-63bm"},{"vulnerability":"VCID-d7mu-j1u1-9kcn"},{"vulnerability":"VCID-daaw-dt6u-pke5"},{"vulnerability":"VCID-db5m-cek2-dugx"},{"vulnerability":"VCID-ddng-1b35-1uc9"},{"vulnerability":"VCID-e98p-q5xr-gubt"},{"vulnerability":"VCID-fabz-xh3m-rkg6"},{"vulnerability":"VCID-fkap-zb8t-pqb3"},{"vulnerability":"VCID-huka-48kh-efg3"},{"vulnerability":"VCID-jjrt-dss6-9fhj"},{"vulnerability":"VCID-jshn-yg13-g3hj"},{"vulnerability":"VCID-mftr-77sh-abbu"},{"vulnerability":"VCID-n6qk-usr9-aff6"},{"vulnerability":"VCID-p421-a8ef-kbaj"},{"vulnerability":"VCID-paec-uwhh-73dv"},{"vulnerability":"VCID-pnut-n5we-fuca"},{"vulnerability":"VCID-ppc5-5jyj-d7dj"},{"vulnerability":"VCID-qgwk-pnn4-bbd7"},{"vulnerability":"VCID-rqn3-sg87-1fa7"},{"vulnerability":"VCID-s387-qv17-8ud6"},{"vulnerability":"VCID-sev9-tcsx-kqcb"},{"vulnerability":"VCID-suaj-zjx7-2kc1"},{"vulnerability":"VCID-v696-3bjc-u3ah"},{"vulnerability":"VCID-vpm8-dk9k-ffdd"},{"vulnerability":"VCID-x2gy-yhg2-b3hb"},{"vulnerability":"VCID-x87s-328r-jkb8"},{"vulnerability":"VCID-xanp-uf25-e7hc"},{"vulnerability":"VCID-z1jn-sw6f-rybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2018-12436"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ynkb-txs2-xubm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105538?format=json","vulnerability_id":"VCID-z1jn-sw6f-rybd","summary":"wolfSSL's wc_PKCS7_DecodeAuthEnvelopedData() does not properly sanitize the AES-GCM authentication tag length received and has no lower bounds check. A man-in-the-middle can therefore truncate the mac field from 16 bytes to 1 byte, reducing the tag check from 2⁻¹²⁸ to 2⁻⁸.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5500","reference_id":"","reference_type":"","scores":[{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.2385","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23834","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23785","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23731","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5500"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/10102","reference_id":"10102","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T13:42:21Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/10102"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835","reference_id":"1133835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135151?format=json","purl":"pkg:deb/debian/wolfssl@5.9.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}],"aliases":["CVE-2026-5500"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z1jn-sw6f-rybd"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.1-0.1%3Fdistro=trixie"}