{"url":"http://public2.vulnerablecode.io/api/packages/4378?format=json","purl":"pkg:deb/debian/openssl@1.0.1k-3","type":"deb","namespace":"debian","name":"openssl","version":"1.0.1k-3","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.1.1n-0+deb10u3","latest_non_vulnerable_version":"1.1.1n-0+deb10u3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5618?format=json","vulnerability_id":"VCID-249a-9kqa-p7an","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449"},{"reference_url":"https://security.archlinux.org/ASA-202103-10","reference_id":"ASA-202103-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202103-10"},{"reference_url":"https://security.archlinux.org/AVG-1736","reference_id":"AVG-1736","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1736"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5335?format=json","purl":"pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3"}],"aliases":["CVE-2021-3449"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-249a-9kqa-p7an"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3322?format=json","vulnerability_id":"VCID-3pke-7yer-87hz","summary":"arbitrary command execution","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068"},{"reference_url":"https://security.archlinux.org/AVG-2765","reference_id":"AVG-2765","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2765"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5335?format=json","purl":"pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3"}],"aliases":["CVE-2022-2068"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3pke-7yer-87hz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6782?format=json","vulnerability_id":"VCID-4197-62g5-8ka3","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306"},{"reference_url":"https://security.archlinux.org/ASA-201609-23","reference_id":"ASA-201609-23","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-23"},{"reference_url":"https://security.archlinux.org/ASA-201609-24","reference_id":"ASA-201609-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-24"},{"reference_url":"https://security.archlinux.org/AVG-29","reference_id":"AVG-29","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-29"},{"reference_url":"https://security.archlinux.org/AVG-30","reference_id":"AVG-30","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-30"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4379?format=json","purl":"pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4197-62g5-8ka3"},{"vulnerability":"VCID-448b-h78v-wfes"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-4wy2-zsz2-a3ew"},{"vulnerability":"VCID-7gkv-pu79-43hx"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-d1w5-8ktx-cubx"},{"vulnerability":"VCID-dspw-qctj-jufk"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-fgmh-6g91-9qgv"},{"vulnerability":"VCID-g1bm-2aj1-kff9"},{"vulnerability":"VCID-k4k5-uhxu-gyc1"},{"vulnerability":"VCID-m4ms-vh59-ufbd"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-rynq-d6tu-2ygg"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8"},{"url":"http://public2.vulnerablecode.io/api/packages/5333?format=json","purl":"pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1"}],"aliases":["CVE-2016-2181"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4197-62g5-8ka3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6786?format=json","vulnerability_id":"VCID-448b-h78v-wfes","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306"},{"reference_url":"https://security.archlinux.org/ASA-201609-23","reference_id":"ASA-201609-23","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-23"},{"reference_url":"https://security.archlinux.org/ASA-201609-24","reference_id":"ASA-201609-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-24"},{"reference_url":"https://security.archlinux.org/AVG-29","reference_id":"AVG-29","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-29"},{"reference_url":"https://security.archlinux.org/AVG-30","reference_id":"AVG-30","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-30"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4379?format=json","purl":"pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4197-62g5-8ka3"},{"vulnerability":"VCID-448b-h78v-wfes"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-4wy2-zsz2-a3ew"},{"vulnerability":"VCID-7gkv-pu79-43hx"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-d1w5-8ktx-cubx"},{"vulnerability":"VCID-dspw-qctj-jufk"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-fgmh-6g91-9qgv"},{"vulnerability":"VCID-g1bm-2aj1-kff9"},{"vulnerability":"VCID-k4k5-uhxu-gyc1"},{"vulnerability":"VCID-m4ms-vh59-ufbd"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-rynq-d6tu-2ygg"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8"},{"url":"http://public2.vulnerablecode.io/api/packages/5333?format=json","purl":"pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1"}],"aliases":["CVE-2016-2177"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-448b-h78v-wfes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6654?format=json","vulnerability_id":"VCID-4pe4-89ss-57am","summary":"denial of service","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7054","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7054"},{"reference_url":"https://security.archlinux.org/AVG-143","reference_id":"AVG-143","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-143"},{"reference_url":"https://security.archlinux.org/AVG-144","reference_id":"AVG-144","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-144"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5334?format=json","purl":"pkg:deb/debian/openssl@1.1.0l-1~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0l-1~deb9u1"}],"aliases":["CVE-2016-7054"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4pe4-89ss-57am"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6777?format=json","vulnerability_id":"VCID-4wy2-zsz2-a3ew","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306"},{"reference_url":"https://security.archlinux.org/ASA-201609-23","reference_id":"ASA-201609-23","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-23"},{"reference_url":"https://security.archlinux.org/ASA-201609-24","reference_id":"ASA-201609-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-24"},{"reference_url":"https://security.archlinux.org/AVG-29","reference_id":"AVG-29","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-29"},{"reference_url":"https://security.archlinux.org/AVG-30","reference_id":"AVG-30","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-30"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4379?format=json","purl":"pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4197-62g5-8ka3"},{"vulnerability":"VCID-448b-h78v-wfes"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-4wy2-zsz2-a3ew"},{"vulnerability":"VCID-7gkv-pu79-43hx"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-d1w5-8ktx-cubx"},{"vulnerability":"VCID-dspw-qctj-jufk"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-fgmh-6g91-9qgv"},{"vulnerability":"VCID-g1bm-2aj1-kff9"},{"vulnerability":"VCID-k4k5-uhxu-gyc1"},{"vulnerability":"VCID-m4ms-vh59-ufbd"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-rynq-d6tu-2ygg"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8"},{"url":"http://public2.vulnerablecode.io/api/packages/5333?format=json","purl":"pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1"}],"aliases":["CVE-2016-6304"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4wy2-zsz2-a3ew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2931?format=json","vulnerability_id":"VCID-7gkv-pu79-43hx","summary":"Security researcher Matthew Green reported a Diffie–Hellman\n(DHE) key processing issue in Network Security Services (NSS) where a\nman-in-the-middle (MITM) attacker can force a server to downgrade TLS\nconnections to 512-bit export-grade cryptography by modifying client\nrequests to include only export-grade cipher suites. The resulting\nweak key can then be leveraged to impersonate the server. This attack\nis detailed in the \"Imperfect Forward\nSecrecy: How Diffie-Hellman Fails in Practice\" paper and is known as the\n\"Logjam Attack.\"This issue was fixed in NSS version 3.19.1 by limiting the lower strength of\nsupported DHE keys to use 1023 bit primes.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000","reference_id":"CVE-2015-4000","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2015-70","reference_id":"mfsa2015-70","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2015-70"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4379?format=json","purl":"pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4197-62g5-8ka3"},{"vulnerability":"VCID-448b-h78v-wfes"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-4wy2-zsz2-a3ew"},{"vulnerability":"VCID-7gkv-pu79-43hx"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-d1w5-8ktx-cubx"},{"vulnerability":"VCID-dspw-qctj-jufk"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-fgmh-6g91-9qgv"},{"vulnerability":"VCID-g1bm-2aj1-kff9"},{"vulnerability":"VCID-k4k5-uhxu-gyc1"},{"vulnerability":"VCID-m4ms-vh59-ufbd"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-rynq-d6tu-2ygg"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8"},{"url":"http://public2.vulnerablecode.io/api/packages/5333?format=json","purl":"pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1"}],"aliases":["CVE-2015-4000"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7gkv-pu79-43hx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5933?format=json","vulnerability_id":"VCID-8fae-zjwu-47gz","summary":"denial of service","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967"},{"reference_url":"https://security.archlinux.org/ASA-202004-18","reference_id":"ASA-202004-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202004-18"},{"reference_url":"https://security.archlinux.org/ASA-202004-19","reference_id":"ASA-202004-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202004-19"},{"reference_url":"https://security.archlinux.org/AVG-1139","reference_id":"AVG-1139","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1139"},{"reference_url":"https://security.archlinux.org/AVG-1142","reference_id":"AVG-1142","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1142"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5335?format=json","purl":"pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3"}],"aliases":["CVE-2020-1967"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8fae-zjwu-47gz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6783?format=json","vulnerability_id":"VCID-d1w5-8ktx-cubx","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306"},{"reference_url":"https://security.archlinux.org/ASA-201609-23","reference_id":"ASA-201609-23","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-23"},{"reference_url":"https://security.archlinux.org/ASA-201609-24","reference_id":"ASA-201609-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-24"},{"reference_url":"https://security.archlinux.org/AVG-29","reference_id":"AVG-29","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-29"},{"reference_url":"https://security.archlinux.org/AVG-30","reference_id":"AVG-30","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-30"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4379?format=json","purl":"pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4197-62g5-8ka3"},{"vulnerability":"VCID-448b-h78v-wfes"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-4wy2-zsz2-a3ew"},{"vulnerability":"VCID-7gkv-pu79-43hx"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-d1w5-8ktx-cubx"},{"vulnerability":"VCID-dspw-qctj-jufk"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-fgmh-6g91-9qgv"},{"vulnerability":"VCID-g1bm-2aj1-kff9"},{"vulnerability":"VCID-k4k5-uhxu-gyc1"},{"vulnerability":"VCID-m4ms-vh59-ufbd"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-rynq-d6tu-2ygg"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8"},{"url":"http://public2.vulnerablecode.io/api/packages/5333?format=json","purl":"pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1"}],"aliases":["CVE-2016-2180"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d1w5-8ktx-cubx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6781?format=json","vulnerability_id":"VCID-dspw-qctj-jufk","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306"},{"reference_url":"https://security.archlinux.org/ASA-201609-23","reference_id":"ASA-201609-23","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-23"},{"reference_url":"https://security.archlinux.org/ASA-201609-24","reference_id":"ASA-201609-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-24"},{"reference_url":"https://security.archlinux.org/AVG-29","reference_id":"AVG-29","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-29"},{"reference_url":"https://security.archlinux.org/AVG-30","reference_id":"AVG-30","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-30"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4379?format=json","purl":"pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4197-62g5-8ka3"},{"vulnerability":"VCID-448b-h78v-wfes"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-4wy2-zsz2-a3ew"},{"vulnerability":"VCID-7gkv-pu79-43hx"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-d1w5-8ktx-cubx"},{"vulnerability":"VCID-dspw-qctj-jufk"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-fgmh-6g91-9qgv"},{"vulnerability":"VCID-g1bm-2aj1-kff9"},{"vulnerability":"VCID-k4k5-uhxu-gyc1"},{"vulnerability":"VCID-m4ms-vh59-ufbd"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-rynq-d6tu-2ygg"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8"},{"url":"http://public2.vulnerablecode.io/api/packages/5333?format=json","purl":"pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1"}],"aliases":["CVE-2016-2182"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dspw-qctj-jufk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6655?format=json","vulnerability_id":"VCID-e6jy-vxau-jfba","summary":"denial of service","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7053"},{"reference_url":"https://security.archlinux.org/AVG-143","reference_id":"AVG-143","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-143"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5334?format=json","purl":"pkg:deb/debian/openssl@1.1.0l-1~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.0l-1~deb9u1"}],"aliases":["CVE-2016-7053"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e6jy-vxau-jfba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6827?format=json","vulnerability_id":"VCID-erdm-7pfg-e7hc","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2","reference_id":"","reference_type":"","scores":[],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb","reference_id":"","reference_type":"","scores":[],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23","reference_id":"","reference_type":"","scores":[],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23"},{"reference_url":"https://www.openssl.org/news/secadv/20220503.txt","reference_id":"","reference_type":"","scores":[],"url":"https://www.openssl.org/news/secadv/20220503.txt"},{"reference_url":"https://security.archlinux.org/AVG-2702","reference_id":"AVG-2702","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2702"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1292","reference_id":"CVE-2022-1292","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1292"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5335?format=json","purl":"pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3"}],"aliases":["CVE-2022-1292"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-erdm-7pfg-e7hc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5766?format=json","vulnerability_id":"VCID-fb66-4fr3-xye7","summary":"denial of service","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971"},{"reference_url":"https://security.archlinux.org/ASA-202012-24","reference_id":"ASA-202012-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-24"},{"reference_url":"https://security.archlinux.org/AVG-1335","reference_id":"AVG-1335","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1335"},{"reference_url":"https://security.archlinux.org/AVG-1404","reference_id":"AVG-1404","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1404"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5335?format=json","purl":"pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3"}],"aliases":["CVE-2020-1971"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fb66-4fr3-xye7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6779?format=json","vulnerability_id":"VCID-fgmh-6g91-9qgv","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306"},{"reference_url":"https://security.archlinux.org/ASA-201609-23","reference_id":"ASA-201609-23","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-23"},{"reference_url":"https://security.archlinux.org/ASA-201609-24","reference_id":"ASA-201609-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-24"},{"reference_url":"https://security.archlinux.org/AVG-29","reference_id":"AVG-29","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-29"},{"reference_url":"https://security.archlinux.org/AVG-30","reference_id":"AVG-30","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-30"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4379?format=json","purl":"pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4197-62g5-8ka3"},{"vulnerability":"VCID-448b-h78v-wfes"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-4wy2-zsz2-a3ew"},{"vulnerability":"VCID-7gkv-pu79-43hx"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-d1w5-8ktx-cubx"},{"vulnerability":"VCID-dspw-qctj-jufk"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-fgmh-6g91-9qgv"},{"vulnerability":"VCID-g1bm-2aj1-kff9"},{"vulnerability":"VCID-k4k5-uhxu-gyc1"},{"vulnerability":"VCID-m4ms-vh59-ufbd"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-rynq-d6tu-2ygg"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8"},{"url":"http://public2.vulnerablecode.io/api/packages/5333?format=json","purl":"pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1"}],"aliases":["CVE-2016-6302"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fgmh-6g91-9qgv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6778?format=json","vulnerability_id":"VCID-g1bm-2aj1-kff9","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306"},{"reference_url":"https://security.archlinux.org/ASA-201609-23","reference_id":"ASA-201609-23","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-23"},{"reference_url":"https://security.archlinux.org/ASA-201609-24","reference_id":"ASA-201609-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-24"},{"reference_url":"https://security.archlinux.org/AVG-29","reference_id":"AVG-29","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-29"},{"reference_url":"https://security.archlinux.org/AVG-30","reference_id":"AVG-30","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-30"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4379?format=json","purl":"pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4197-62g5-8ka3"},{"vulnerability":"VCID-448b-h78v-wfes"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-4wy2-zsz2-a3ew"},{"vulnerability":"VCID-7gkv-pu79-43hx"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-d1w5-8ktx-cubx"},{"vulnerability":"VCID-dspw-qctj-jufk"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-fgmh-6g91-9qgv"},{"vulnerability":"VCID-g1bm-2aj1-kff9"},{"vulnerability":"VCID-k4k5-uhxu-gyc1"},{"vulnerability":"VCID-m4ms-vh59-ufbd"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-rynq-d6tu-2ygg"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8"},{"url":"http://public2.vulnerablecode.io/api/packages/5333?format=json","purl":"pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1"}],"aliases":["CVE-2016-6303"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g1bm-2aj1-kff9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6784?format=json","vulnerability_id":"VCID-k4k5-uhxu-gyc1","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306"},{"reference_url":"https://security.archlinux.org/ASA-201609-23","reference_id":"ASA-201609-23","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-23"},{"reference_url":"https://security.archlinux.org/ASA-201609-24","reference_id":"ASA-201609-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-24"},{"reference_url":"https://security.archlinux.org/AVG-29","reference_id":"AVG-29","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-29"},{"reference_url":"https://security.archlinux.org/AVG-30","reference_id":"AVG-30","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-30"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4379?format=json","purl":"pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4197-62g5-8ka3"},{"vulnerability":"VCID-448b-h78v-wfes"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-4wy2-zsz2-a3ew"},{"vulnerability":"VCID-7gkv-pu79-43hx"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-d1w5-8ktx-cubx"},{"vulnerability":"VCID-dspw-qctj-jufk"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-fgmh-6g91-9qgv"},{"vulnerability":"VCID-g1bm-2aj1-kff9"},{"vulnerability":"VCID-k4k5-uhxu-gyc1"},{"vulnerability":"VCID-m4ms-vh59-ufbd"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-rynq-d6tu-2ygg"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8"},{"url":"http://public2.vulnerablecode.io/api/packages/5333?format=json","purl":"pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1"}],"aliases":["CVE-2016-2179"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k4k5-uhxu-gyc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6776?format=json","vulnerability_id":"VCID-m4ms-vh59-ufbd","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306"},{"reference_url":"https://security.archlinux.org/ASA-201609-23","reference_id":"ASA-201609-23","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-23"},{"reference_url":"https://security.archlinux.org/ASA-201609-24","reference_id":"ASA-201609-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-24"},{"reference_url":"https://security.archlinux.org/AVG-29","reference_id":"AVG-29","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-29"},{"reference_url":"https://security.archlinux.org/AVG-30","reference_id":"AVG-30","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-30"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4379?format=json","purl":"pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4197-62g5-8ka3"},{"vulnerability":"VCID-448b-h78v-wfes"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-4wy2-zsz2-a3ew"},{"vulnerability":"VCID-7gkv-pu79-43hx"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-d1w5-8ktx-cubx"},{"vulnerability":"VCID-dspw-qctj-jufk"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-fgmh-6g91-9qgv"},{"vulnerability":"VCID-g1bm-2aj1-kff9"},{"vulnerability":"VCID-k4k5-uhxu-gyc1"},{"vulnerability":"VCID-m4ms-vh59-ufbd"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-rynq-d6tu-2ygg"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8"},{"url":"http://public2.vulnerablecode.io/api/packages/5333?format=json","purl":"pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1"}],"aliases":["CVE-2016-6306"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m4ms-vh59-ufbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5286?format=json","vulnerability_id":"VCID-n1r2-zqmn-2ufh","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712"},{"reference_url":"https://www.openssl.org/news/secadv/20210824.txt","reference_id":"","reference_type":"","scores":[],"url":"https://www.openssl.org/news/secadv/20210824.txt"},{"reference_url":"https://security.archlinux.org/AVG-2315","reference_id":"AVG-2315","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2315"},{"reference_url":"https://security.archlinux.org/AVG-2316","reference_id":"AVG-2316","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2316"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3711","reference_id":"CVE-2021-3711","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3711"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5335?format=json","purl":"pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3"}],"aliases":["CVE-2021-3711"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n1r2-zqmn-2ufh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6785?format=json","vulnerability_id":"VCID-rynq-d6tu-2ygg","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306"},{"reference_url":"https://security.archlinux.org/ASA-201609-23","reference_id":"ASA-201609-23","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-23"},{"reference_url":"https://security.archlinux.org/ASA-201609-24","reference_id":"ASA-201609-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-24"},{"reference_url":"https://security.archlinux.org/AVG-29","reference_id":"AVG-29","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-29"},{"reference_url":"https://security.archlinux.org/AVG-30","reference_id":"AVG-30","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-30"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4379?format=json","purl":"pkg:deb/debian/openssl@1.0.1t-1%2Bdeb8u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4197-62g5-8ka3"},{"vulnerability":"VCID-448b-h78v-wfes"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-4wy2-zsz2-a3ew"},{"vulnerability":"VCID-7gkv-pu79-43hx"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-d1w5-8ktx-cubx"},{"vulnerability":"VCID-dspw-qctj-jufk"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-fgmh-6g91-9qgv"},{"vulnerability":"VCID-g1bm-2aj1-kff9"},{"vulnerability":"VCID-k4k5-uhxu-gyc1"},{"vulnerability":"VCID-m4ms-vh59-ufbd"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-rynq-d6tu-2ygg"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1t-1%252Bdeb8u8"},{"url":"http://public2.vulnerablecode.io/api/packages/5333?format=json","purl":"pkg:deb/debian/openssl@1.0.2l-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.2l-1~bpo8%252B1"}],"aliases":["CVE-2016-2178"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rynq-d6tu-2ygg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5285?format=json","vulnerability_id":"VCID-uw52-vah8-uqda","summary":"multiple issues","references":[{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf","reference_id":"","reference_type":"","scores":[],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf","reference_id":"","reference_type":"","scores":[],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11","reference_id":"","reference_type":"","scores":[],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12","reference_id":"","reference_type":"","scores":[],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10366","reference_id":"","reference_type":"","scores":[],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10366"},{"reference_url":"https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210827-0010/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20210827-0010/"},{"reference_url":"https://www.debian.org/security/2021/dsa-4963","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2021/dsa-4963"},{"reference_url":"https://www.openssl.org/news/secadv/20210824.txt","reference_id":"","reference_type":"","scores":[],"url":"https://www.openssl.org/news/secadv/20210824.txt"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2022.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2021.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"reference_url":"https://www.tenable.com/security/tns-2021-16","reference_id":"","reference_type":"","scores":[],"url":"https://www.tenable.com/security/tns-2021-16"},{"reference_url":"https://www.tenable.com/security/tns-2022-02","reference_id":"","reference_type":"","scores":[],"url":"https://www.tenable.com/security/tns-2022-02"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/08/26/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2021/08/26/2"},{"reference_url":"https://security.archlinux.org/AVG-2315","reference_id":"AVG-2315","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2315"},{"reference_url":"https://security.archlinux.org/AVG-2316","reference_id":"AVG-2316","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2316"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3712","reference_id":"CVE-2021-3712","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3712"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5335?format=json","purl":"pkg:deb/debian/openssl@1.1.1n-0%2Bdeb10u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb10u3"}],"aliases":["CVE-2021-3712"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uw52-vah8-uqda"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2961?format=json","vulnerability_id":"VCID-81zk-xrsj-cufe","summary":"Security researcher Karthikeyan Bhargavan reported an issue\nin Network Security Services (NSS) where MD5 signatures in the server signature within the\nTLS 1.2 ServerKeyExchange message are still accepted. This is an issue since NSS has\nofficially disallowed the accepting MD5 as a hash algorithm in signatures since 2011. This\nissues exposes NSS based clients such as Firefox to theoretical collision-based forgery\nattacks. This issue was fixed in NSS version 3.20.2.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575","reference_id":"CVE-2015-7575","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2015-150","reference_id":"mfsa2015-150","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2015-150"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4074?format=json","purl":"pkg:deb/debian/openssl@1.0.1e-2%2Bdeb7u20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4197-62g5-8ka3"},{"vulnerability":"VCID-448b-h78v-wfes"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-4wy2-zsz2-a3ew"},{"vulnerability":"VCID-7gkv-pu79-43hx"},{"vulnerability":"VCID-81zk-xrsj-cufe"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-d1w5-8ktx-cubx"},{"vulnerability":"VCID-dspw-qctj-jufk"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-fgmh-6g91-9qgv"},{"vulnerability":"VCID-g1bm-2aj1-kff9"},{"vulnerability":"VCID-k4k5-uhxu-gyc1"},{"vulnerability":"VCID-m4ms-vh59-ufbd"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-rynq-d6tu-2ygg"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1e-2%252Bdeb7u20"},{"url":"http://public2.vulnerablecode.io/api/packages/4378?format=json","purl":"pkg:deb/debian/openssl@1.0.1k-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-249a-9kqa-p7an"},{"vulnerability":"VCID-3pke-7yer-87hz"},{"vulnerability":"VCID-4197-62g5-8ka3"},{"vulnerability":"VCID-448b-h78v-wfes"},{"vulnerability":"VCID-4pe4-89ss-57am"},{"vulnerability":"VCID-4wy2-zsz2-a3ew"},{"vulnerability":"VCID-7gkv-pu79-43hx"},{"vulnerability":"VCID-8fae-zjwu-47gz"},{"vulnerability":"VCID-d1w5-8ktx-cubx"},{"vulnerability":"VCID-dspw-qctj-jufk"},{"vulnerability":"VCID-e6jy-vxau-jfba"},{"vulnerability":"VCID-erdm-7pfg-e7hc"},{"vulnerability":"VCID-fb66-4fr3-xye7"},{"vulnerability":"VCID-fgmh-6g91-9qgv"},{"vulnerability":"VCID-g1bm-2aj1-kff9"},{"vulnerability":"VCID-k4k5-uhxu-gyc1"},{"vulnerability":"VCID-m4ms-vh59-ufbd"},{"vulnerability":"VCID-n1r2-zqmn-2ufh"},{"vulnerability":"VCID-rynq-d6tu-2ygg"},{"vulnerability":"VCID-uw52-vah8-uqda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1k-3"}],"aliases":["CVE-2015-7575"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-81zk-xrsj-cufe"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.0.1k-3"}