{"url":"http://public2.vulnerablecode.io/api/packages/153595?format=json","purl":"pkg:apk/alpine/openssl@3.0.8-r0?arch=x86&distroversion=v3.21&reponame=main","type":"apk","namespace":"alpine","name":"openssl","version":"3.0.8-r0","qualifiers":{"arch":"x86","distroversion":"v3.21","reponame":"main"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"3.1.0-r1","latest_non_vulnerable_version":"3.3.7-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36882?format=json","vulnerability_id":"VCID-fu26-meyx-fudp","summary":"openssl-src subject to Invalid pointer dereference in `d2i_PKCS7` functions\nAn invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the `d2i_PKCS7()`, `d2i_PKCS7_bio()` or `d2i_PKCS7_fp()` functions.\n\nThe result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in OpenSSL does not call this function however third party applications might call these functions on untrusted data.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0216.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0216.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0216","reference_id":"","reference_type":"","scores":[{"value":"0.00853","scoring_system":"epss","scoring_elements":"0.75242","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0216"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=934a04f0e775309cadbef0aa6b9692e1b12a76c6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:43Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=934a04f0e775309cadbef0aa6b9692e1b12a76c6"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0216","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0216"},{"reference_url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2023-0011.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2023-0011.html"},{"reference_url":"https://security.gentoo.org/glsa/202402-08","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:43Z/"}],"url":"https://security.gentoo.org/glsa/202402-08"},{"reference_url":"https://www.openssl.org/news/secadv/20230207.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:43Z/"}],"url":"https://www.openssl.org/news/secadv/20230207.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164497","reference_id":"2164497","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0946","reference_id":"RHSA-2023:0946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1199","reference_id":"RHSA-2023:1199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1199"},{"reference_url":"https://usn.ubuntu.com/5844-1/","reference_id":"USN-5844-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5844-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/153595?format=json","purl":"pkg:apk/alpine/openssl@3.0.8-r0?arch=x86&distroversion=v3.21&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.0.8-r0%3Farch=x86&distroversion=v3.21&reponame=main"}],"aliases":["CVE-2023-0216","GHSA-29xx-hcv2-c4cp"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fu26-meyx-fudp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36739?format=json","vulnerability_id":"VCID-k5v7-2bnn-quc9","summary":"openssl-src subject to NULL dereference validating DSA public key\nAn invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the `EVP_PKEY_public_check()` function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allow an attacker to cause a denial of service attack.\n\nThe TLS implementation in OpenSSL does not call this function but applications might call the function if there are additional security requirements imposed by standards such as FIPS 140-3.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0217.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0217.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0217","reference_id":"","reference_type":"","scores":[{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75336","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0217"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=23985bac83fd50c8e29431009302b5442f985096","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:50Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=23985bac83fd50c8e29431009302b5442f985096"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0217","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0217"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2023-0012.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2023-0012.html"},{"reference_url":"https://security.gentoo.org/glsa/202402-08","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:50Z/"}],"url":"https://security.gentoo.org/glsa/202402-08"},{"reference_url":"https://www.openssl.org/news/secadv/20230207.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:50Z/"}],"url":"https://www.openssl.org/news/secadv/20230207.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164499","reference_id":"2164499","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164499"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0946","reference_id":"RHSA-2023:0946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1199","reference_id":"RHSA-2023:1199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1199"},{"reference_url":"https://usn.ubuntu.com/5844-1/","reference_id":"USN-5844-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5844-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/153595?format=json","purl":"pkg:apk/alpine/openssl@3.0.8-r0?arch=x86&distroversion=v3.21&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.0.8-r0%3Farch=x86&distroversion=v3.21&reponame=main"}],"aliases":["CVE-2023-0217","GHSA-vxrh-cpg7-8vjr"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k5v7-2bnn-quc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36971?format=json","vulnerability_id":"VCID-ybuy-b75v-ukfb","summary":"openssl-src vulnerable to Use-after-free following `BIO_new_NDEF`\nThe public API function `BIO_new_NDEF` is a helper function used for streaming ASN.1 data via a `BIO`. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications.\n\nThe function receives a `BIO` from the caller, prepends a new `BIO_f_asn1` filter `BIO` onto the front of it to form a `BIO` chain, and then returns the new head of the `BIO` chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter `BIO` is freed and the function returns a `NULL` result indicating a failure. However, in this case, the `BIO` chain is not properly cleaned up and the `BIO` passed by the caller still retains internal pointers to the previously freed filter `BIO`. If the caller then goes on to call `BIO_pop()` on the `BIO` then a use-after-free will occur. This will most likely result in a crash.\n\nThis scenario occurs directly in the internal function `B64_write_ASN1()` which may cause `BIO_new_NDEF()` to be called and will subsequently call `BIO_pop()` on the `BIO`. This internal function is in turn called by the public API functions `PEM_write_bio_ASN1_stream`, `PEM_write_bio_CMS_stream`, `PEM_write_bio_PKCS7_stream`, `SMIME_write_ASN1`, `SMIME_write_CMS` and `SMIME_write_PKCS7`.\n\nOther public API functions that may be impacted by this include `i2d_ASN1_bio_stream`, `BIO_new_CMS`, `BIO_new_PKCS7`, `i2d_CMS_bio_stream` and `i2d_PKCS7_bio_stream`.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0215.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0215.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0215","reference_id":"","reference_type":"","scores":[{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62807","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0215"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:40Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:40Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:40Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0215","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0215"},{"reference_url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2023-0009.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2023-0009.html"},{"reference_url":"https://security.gentoo.org/glsa/202402-08","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:40Z/"}],"url":"https://security.gentoo.org/glsa/202402-08"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0007","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20230427-0007"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0009","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20230427-0009"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0006","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240621-0006"},{"reference_url":"https://www.openssl.org/news/secadv/20230207.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:40Z/"}],"url":"https://www.openssl.org/news/secadv/20230207.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164492","reference_id":"2164492","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164492"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0007/","reference_id":"ntap-20230427-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:40Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0007/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0009/","reference_id":"ntap-20230427-0009","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:40Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0009/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0006/","reference_id":"ntap-20240621-0006","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:40Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240621-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0946","reference_id":"RHSA-2023:0946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1199","reference_id":"RHSA-2023:1199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1405","reference_id":"RHSA-2023:1405","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1405"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2165","reference_id":"RHSA-2023:2165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2932","reference_id":"RHSA-2023:2932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3354","reference_id":"RHSA-2023:3354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3355","reference_id":"RHSA-2023:3355","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3408","reference_id":"RHSA-2023:3408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3420","reference_id":"RHSA-2023:3420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3421","reference_id":"RHSA-2023:3421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4128","reference_id":"RHSA-2023:4128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4128"},{"reference_url":"https://usn.ubuntu.com/5844-1/","reference_id":"USN-5844-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5844-1/"},{"reference_url":"https://usn.ubuntu.com/5845-1/","reference_id":"USN-5845-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5845-1/"},{"reference_url":"https://usn.ubuntu.com/5845-2/","reference_id":"USN-5845-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5845-2/"},{"reference_url":"https://usn.ubuntu.com/6564-1/","reference_id":"USN-6564-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6564-1/"},{"reference_url":"https://usn.ubuntu.com/7894-1/","reference_id":"USN-7894-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7894-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/153595?format=json","purl":"pkg:apk/alpine/openssl@3.0.8-r0?arch=x86&distroversion=v3.21&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.0.8-r0%3Farch=x86&distroversion=v3.21&reponame=main"}],"aliases":["CVE-2023-0215","GHSA-r7jw-wp68-3xch"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ybuy-b75v-ukfb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36771?format=json","vulnerability_id":"VCID-zqta-6gza-skdv","summary":"Vulnerable OpenSSL included in cryptography wheels\npyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 0.8.1-39.0.0  are vulnerable to a security issue. More details about the vulnerabilities themselves can be found in https://www.openssl.org/news/secadv/20221213.txt and https://www.openssl.org/news/secadv/20230207.txt.\n\nIf you are building cryptography source (\"sdist\") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) need to update their cryptography versions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0286.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0286.json"},{"reference_url":"https://access.redhat.com/security/cve/cve-2023-0286","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/cve-2023-0286"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0286","reference_id":"","reference_type":"","scores":[{"value":"0.88334","scoring_system":"epss","scoring_elements":"0.99512","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286"},{"reference_url":"https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/"}],"url":"https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt"},{"reference_url":"https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/"}],"url":"https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/pyca/cryptography","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography"},{"reference_url":"https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0286","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0286"},{"reference_url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2023-0006.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2023-0006.html"},{"reference_url":"https://security.gentoo.org/glsa/202402-08","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/"}],"url":"https://security.gentoo.org/glsa/202402-08"},{"reference_url":"https://www.openssl.org/news/secadv/20230207.txt","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:22Z/"}],"url":"https://www.openssl.org/news/secadv/20230207.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164440","reference_id":"2164440","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164440"},{"reference_url":"https://github.com/advisories/GHSA-x4qr-2fvf-3mr5","reference_id":"GHSA-x4qr-2fvf-3mr5","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-x4qr-2fvf-3mr5"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0946","reference_id":"RHSA-2023:0946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1199","reference_id":"RHSA-2023:1199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1335","reference_id":"RHSA-2023:1335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1405","reference_id":"RHSA-2023:1405","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1405"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1437","reference_id":"RHSA-2023:1437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1438","reference_id":"RHSA-2023:1438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1439","reference_id":"RHSA-2023:1439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1440","reference_id":"RHSA-2023:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1441","reference_id":"RHSA-2023:1441","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1441"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2022","reference_id":"RHSA-2023:2022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2165","reference_id":"RHSA-2023:2165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2932","reference_id":"RHSA-2023:2932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3354","reference_id":"RHSA-2023:3354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3355","reference_id":"RHSA-2023:3355","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3420","reference_id":"RHSA-2023:3420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3421","reference_id":"RHSA-2023:3421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4124","reference_id":"RHSA-2023:4124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4128","reference_id":"RHSA-2023:4128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4252","reference_id":"RHSA-2023:4252","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4252"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5209","reference_id":"RHSA-2023:5209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5136","reference_id":"RHSA-2024:5136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6095","reference_id":"RHSA-2024:6095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7733","reference_id":"RHSA-2025:7733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7895","reference_id":"RHSA-2025:7895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7937","reference_id":"RHSA-2025:7937","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7937"},{"reference_url":"https://usn.ubuntu.com/5844-1/","reference_id":"USN-5844-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5844-1/"},{"reference_url":"https://usn.ubuntu.com/5845-1/","reference_id":"USN-5845-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5845-1/"},{"reference_url":"https://usn.ubuntu.com/5845-2/","reference_id":"USN-5845-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5845-2/"},{"reference_url":"https://usn.ubuntu.com/6564-1/","reference_id":"USN-6564-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6564-1/"},{"reference_url":"https://usn.ubuntu.com/7894-1/","reference_id":"USN-7894-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7894-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/153595?format=json","purl":"pkg:apk/alpine/openssl@3.0.8-r0?arch=x86&distroversion=v3.21&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.0.8-r0%3Farch=x86&distroversion=v3.21&reponame=main"}],"aliases":["CVE-2023-0286","GHSA-x4qr-2fvf-3mr5"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zqta-6gza-skdv"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.0.8-r0%3Farch=x86&distroversion=v3.21&reponame=main"}