Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/openssl@1.1.1d-r1?arch=riscv64&distroversion=v3.20&reponame=main

Type apk

Namespace alpine

Name openssl

Version 1.1.1d-r1

Qualifiers

arch	riscv64
distroversion	v3.20
reponame	main

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1.1.1d-r3

Latest_non_vulnerable_version 3.3.7-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-6xfg-3n5d-pbcv

vulnerability_id VCID-6xfg-3n5d-pbcv

summary In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1563.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1563.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-1563

reference_id

reference_type

scores

value	0.01121
scoring_system	epss
scoring_elements	0.78583
published_at	2026-06-04T12:55:00Z

value	0.01121
scoring_system	epss
scoring_elements	0.7861
published_at	2026-06-05T12:55:00Z

value	0.01121
scoring_system	epss
scoring_elements	0.78618
published_at	2026-06-06T12:55:00Z

value	0.01121
scoring_system	epss
scoring_elements	0.78609
published_at	2026-06-07T12:55:00Z

value	0.01121
scoring_system	epss
scoring_elements	0.78597
published_at	2026-06-08T12:55:00Z

value	0.01121
scoring_system	epss
scoring_elements	0.78614
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-1563

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1563
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1563

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1752100
reference_id	1752100
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1752100

reference_url	https://security.gentoo.org/glsa/201911-04
reference_id	GLSA-201911-04
reference_type
scores
url	https://security.gentoo.org/glsa/201911-04

reference_url	https://access.redhat.com/errata/RHSA-2020:1336
reference_id	RHSA-2020:1336
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1336

reference_url	https://access.redhat.com/errata/RHSA-2020:1337
reference_id	RHSA-2020:1337
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1337

reference_url	https://access.redhat.com/errata/RHSA-2020:1840
reference_id	RHSA-2020:1840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1840

fixed_packages

url	pkg:apk/alpine/openssl@1.1.1d-r1?arch=riscv64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/openssl@1.1.1d-r1?arch=riscv64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@1.1.1d-r1%3Farch=riscv64&distroversion=v3.20&reponame=main

aliases CVE-2019-1563

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6xfg-3n5d-pbcv

url VCID-e92e-benv-bffs

vulnerability_id VCID-e92e-benv-bffs

summary OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A partial mitigation for this issue is that the output from a high precision timer is mixed into the RNG state so the likelihood of a parent and child process sharing state is significantly reduced. If an application already calls OPENSSL_init_crypto() explicitly using OPENSSL_INIT_ATFORK then this problem does not occur at all. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1549.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1549.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-1549

reference_id

reference_type

scores

value	0.02629
scoring_system	epss
scoring_elements	0.8597
published_at	2026-06-04T12:55:00Z

value	0.02629
scoring_system	epss
scoring_elements	0.85991
published_at	2026-06-05T12:55:00Z

value	0.02629
scoring_system	epss
scoring_elements	0.85994
published_at	2026-06-06T12:55:00Z

value	0.02629
scoring_system	epss
scoring_elements	0.8599
published_at	2026-06-07T12:55:00Z

value	0.02629
scoring_system	epss
scoring_elements	0.85979
published_at	2026-06-08T12:55:00Z

value	0.02629
scoring_system	epss
scoring_elements	0.85993
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-1549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1549

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1752095
reference_id	1752095
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1752095

reference_url	https://access.redhat.com/errata/RHSA-2020:1336
reference_id	RHSA-2020:1336
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1336

reference_url	https://access.redhat.com/errata/RHSA-2020:1337
reference_id	RHSA-2020:1337
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1337

reference_url	https://access.redhat.com/errata/RHSA-2020:1840
reference_id	RHSA-2020:1840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1840

fixed_packages

url	pkg:apk/alpine/openssl@1.1.1d-r1?arch=riscv64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/openssl@1.1.1d-r1?arch=riscv64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@1.1.1d-r1%3Farch=riscv64&distroversion=v3.20&reponame=main

aliases CVE-2019-1549

risk_score 2.1

exploitability 0.5

weighted_severity 4.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e92e-benv-bffs

url VCID-qpwm-n2zh-rffm

vulnerability_id VCID-qpwm-n2zh-rffm

summary Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1547.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1547.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-1547

reference_id

reference_type

scores

value	0.0026
scoring_system	epss
scoring_elements	0.49608
published_at	2026-06-05T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.49571
published_at	2026-06-08T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.496
published_at	2026-06-07T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.49546
published_at	2026-06-04T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.49586
published_at	2026-06-09T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.49618
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1563
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1563

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://seclists.org/bugtraq/2019/Oct/0

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://seclists.org/bugtraq/2019/Oct/0

reference_url

https://seclists.org/bugtraq/2019/Oct/1

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://seclists.org/bugtraq/2019/Oct/1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1752090
reference_id	1752090
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1752090

reference_url

https://arxiv.org/abs/1909.01785

reference_id

1909.01785

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://arxiv.org/abs/1909.01785

reference_url

https://www.openssl.org/news/secadv/20190910.txt

reference_id

20190910.txt

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://www.openssl.org/news/secadv/20190910.txt

reference_url

https://seclists.org/bugtraq/2019/Sep/25

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://seclists.org/bugtraq/2019/Sep/25

reference_url

https://usn.ubuntu.com/4376-1/

reference_id

4376-1

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://usn.ubuntu.com/4376-1/

reference_url

https://usn.ubuntu.com/4376-2/

reference_id

4376-2

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://usn.ubuntu.com/4376-2/

reference_url

https://usn.ubuntu.com/4504-1/

reference_id

4504-1

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://usn.ubuntu.com/4504-1/

reference_url

https://www.debian.org/security/2019/dsa-4539

reference_id

dsa-4539

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://www.debian.org/security/2019/dsa-4539

reference_url

https://www.debian.org/security/2019/dsa-4540

reference_id

dsa-4540

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://www.debian.org/security/2019/dsa-4540

reference_url

https://security.gentoo.org/glsa/201911-04

reference_id

GLSA-201911-04

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://security.gentoo.org/glsa/201911-04

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/

reference_id

GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/

reference_url

https://kc.mcafee.com/corporate/index?page=content&id=SB10365

reference_id

index?page=content&id=SB10365

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://kc.mcafee.com/corporate/index?page=content&id=SB10365

reference_url

https://support.f5.com/csp/article/K73422160?utm_source=f5support&amp%3Butm_medium=RSS

reference_id

K73422160?utm_source=f5support&amp%3Butm_medium=RSS

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://support.f5.com/csp/article/K73422160?utm_source=f5support&amp%3Butm_medium=RSS

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00012.html

reference_id

msg00012.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00012.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00016.html

reference_id

msg00016.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00016.html

reference_url

https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html

reference_id

msg00026.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html

reference_id

msg00054.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00072.html

reference_id

msg00072.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00072.html

reference_url

https://security.netapp.com/advisory/ntap-20190919-0002/

reference_id

ntap-20190919-0002

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://security.netapp.com/advisory/ntap-20190919-0002/

reference_url

https://security.netapp.com/advisory/ntap-20200122-0002/

reference_id

ntap-20200122-0002

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://security.netapp.com/advisory/ntap-20200122-0002/

reference_url

https://security.netapp.com/advisory/ntap-20200416-0003/

reference_id

ntap-20200416-0003

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://security.netapp.com/advisory/ntap-20200416-0003/

reference_url

https://security.netapp.com/advisory/ntap-20240621-0006/

reference_id

ntap-20240621-0006

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://security.netapp.com/advisory/ntap-20240621-0006/

reference_url

https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=21c856b75d81eff61aa63b4f036bb64a85bf6d46

reference_id

?p=openssl.git%3Ba=commitdiff%3Bh=21c856b75d81eff61aa63b4f036bb64a85bf6d46

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=21c856b75d81eff61aa63b4f036bb64a85bf6d46

reference_url

https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=30c22fa8b1d840036b8e203585738df62a03cec8

reference_id

?p=openssl.git%3Ba=commitdiff%3Bh=30c22fa8b1d840036b8e203585738df62a03cec8

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=30c22fa8b1d840036b8e203585738df62a03cec8

reference_url

https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7c1709c2da5414f5b6133d00a03fc8c5bf996c7a

reference_id

?p=openssl.git%3Ba=commitdiff%3Bh=7c1709c2da5414f5b6133d00a03fc8c5bf996c7a

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7c1709c2da5414f5b6133d00a03fc8c5bf996c7a

reference_url	https://access.redhat.com/errata/RHSA-2020:1336
reference_id	RHSA-2020:1336
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1336

reference_url	https://access.redhat.com/errata/RHSA-2020:1337
reference_id	RHSA-2020:1337
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1337

reference_url	https://access.redhat.com/errata/RHSA-2020:1840
reference_id	RHSA-2020:1840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1840

reference_url

http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html

reference_id

Slackware-Security-Advisory-openssl-Updates.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/

reference_id

ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T19:04:18Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/

fixed_packages

url	pkg:apk/alpine/openssl@1.1.1d-r1?arch=riscv64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/openssl@1.1.1d-r1?arch=riscv64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@1.1.1d-r1%3Farch=riscv64&distroversion=v3.20&reponame=main

aliases CVE-2019-1547

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qpwm-n2zh-rffm

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@1.1.1d-r1%3Farch=riscv64&distroversion=v3.20&reponame=main

Package Instance