Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/openssl@3.1.0-r2?arch=s390x&distroversion=v3.18&reponame=main
Typeapk
Namespacealpine
Nameopenssl
Version3.1.0-r2
Qualifiers
arch s390x
distroversion v3.18
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3.1.0-r4
Latest_non_vulnerable_version3.1.8-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-5bn8-6xa9-fqe4
vulnerability_id VCID-5bn8-6xa9-fqe4
summary 
Improper Certificate Validation
Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0465.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0465.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0465
reference_id
reference_type
scores
0
value 0.00449
scoring_system epss
scoring_elements 0.6356
published_at 2026-04-02T12:55:00Z
1
value 0.00449
scoring_system epss
scoring_elements 0.6362
published_at 2026-04-12T12:55:00Z
2
value 0.00449
scoring_system epss
scoring_elements 0.63587
published_at 2026-04-13T12:55:00Z
3
value 0.00449
scoring_system epss
scoring_elements 0.63552
published_at 2026-04-07T12:55:00Z
4
value 0.00449
scoring_system epss
scoring_elements 0.63604
published_at 2026-04-08T12:55:00Z
5
value 0.00449
scoring_system epss
scoring_elements 0.63621
published_at 2026-04-09T12:55:00Z
6
value 0.00449
scoring_system epss
scoring_elements 0.63636
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0465
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a
8
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb
9
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95
10
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c
11
reference_url https://www.openssl.org/news/secadv/20230328.txt
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/
url https://www.openssl.org/news/secadv/20230328.txt
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034720
reference_id 1034720
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034720
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2182561
reference_id 2182561
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2182561
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0465
reference_id CVE-2023-0465
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-0465
15
reference_url https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html
reference_id msg00011.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/
url https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html
16
reference_url https://security.netapp.com/advisory/ntap-20230414-0001/
reference_id ntap-20230414-0001
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/
url https://security.netapp.com/advisory/ntap-20230414-0001/
17
reference_url https://access.redhat.com/errata/RHSA-2023:3722
reference_id RHSA-2023:3722
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3722
18
reference_url https://access.redhat.com/errata/RHSA-2023:7622
reference_id RHSA-2023:7622
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7622
19
reference_url https://access.redhat.com/errata/RHSA-2023:7623
reference_id RHSA-2023:7623
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7623
20
reference_url https://access.redhat.com/errata/RHSA-2023:7625
reference_id RHSA-2023:7625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7625
21
reference_url https://access.redhat.com/errata/RHSA-2023:7626
reference_id RHSA-2023:7626
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7626
22
reference_url https://usn.ubuntu.com/7894-1/
reference_id USN-7894-1
reference_type
scores
url https://usn.ubuntu.com/7894-1/
fixed_packages
0
url pkg:apk/alpine/openssl@3.1.0-r2?arch=s390x&distroversion=v3.18&reponame=main
purl pkg:apk/alpine/openssl@3.1.0-r2?arch=s390x&distroversion=v3.18&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.0-r2%3Farch=s390x&distroversion=v3.18&reponame=main
aliases CVE-2023-0465
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5bn8-6xa9-fqe4
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.1.0-r2%3Farch=s390x&distroversion=v3.18&reponame=main