Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/openssl@0.9.8e-12.el5_6?arch=12
Typerpm
Namespaceredhat
Nameopenssl
Version0.9.8e-12.el5_6
Qualifiers
arch 12
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-kpyv-ydcz-1qev
vulnerability_id VCID-kpyv-ydcz-1qev
summary OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0224.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0224.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0224
reference_id
reference_type
scores
0
value 0.89694
scoring_system epss
scoring_elements 0.99584
published_at 2026-06-04T12:55:00Z
1
value 0.89694
scoring_system epss
scoring_elements 0.99585
published_at 2026-06-08T12:55:00Z
2
value 0.89694
scoring_system epss
scoring_elements 0.99586
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0224
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1103586
reference_id 1103586
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1103586
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750665
reference_id 750665
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750665
8
reference_url https://security.gentoo.org/glsa/201407-05
reference_id GLSA-201407-05
reference_type
scores
url https://security.gentoo.org/glsa/201407-05
9
reference_url https://access.redhat.com/errata/RHSA-2014:0624
reference_id RHSA-2014:0624
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0624
10
reference_url https://access.redhat.com/errata/RHSA-2014:0625
reference_id RHSA-2014:0625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0625
11
reference_url https://access.redhat.com/errata/RHSA-2014:0626
reference_id RHSA-2014:0626
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0626
12
reference_url https://access.redhat.com/errata/RHSA-2014:0627
reference_id RHSA-2014:0627
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0627
13
reference_url https://access.redhat.com/errata/RHSA-2014:0628
reference_id RHSA-2014:0628
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0628
14
reference_url https://access.redhat.com/errata/RHSA-2014:0629
reference_id RHSA-2014:0629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0629
15
reference_url https://access.redhat.com/errata/RHSA-2014:0630
reference_id RHSA-2014:0630
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0630
16
reference_url https://access.redhat.com/errata/RHSA-2014:0631
reference_id RHSA-2014:0631
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0631
17
reference_url https://access.redhat.com/errata/RHSA-2014:0632
reference_id RHSA-2014:0632
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0632
18
reference_url https://access.redhat.com/errata/RHSA-2014:0633
reference_id RHSA-2014:0633
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0633
19
reference_url https://access.redhat.com/errata/RHSA-2014:0679
reference_id RHSA-2014:0679
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0679
20
reference_url https://access.redhat.com/errata/RHSA-2014:0680
reference_id RHSA-2014:0680
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0680
21
reference_url https://usn.ubuntu.com/2232-1/
reference_id USN-2232-1
reference_type
scores
url https://usn.ubuntu.com/2232-1/
fixed_packages
aliases CVE-2014-0224
risk_score 1.6
exploitability 2.0
weighted_severity 0.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kpyv-ydcz-1qev
Fixing_vulnerabilities
Risk_score1.6
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openssl@0.9.8e-12.el5_6%3Farch=12