Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:conan/openssl@1.1.1f

Type conan

Namespace

Name openssl

Version 1.1.1f

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 1.1.1w

Latest_non_vulnerable_version 3.2.6

Affected_by_vulnerabilities

url VCID-x8uc-src9-6uck

vulnerability_id VCID-x8uc-src9-6uck

summary

Multiple vulnerabilities were found in OpenSSL, the worst of which
    could allow remote attackers to cause a Denial of Service condition.

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00004.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00004.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00011.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00011.html

reference_url

http://packetstormsecurity.com/files/157527/OpenSSL-signature_algorithms_cert-Denial-Of-Service.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://packetstormsecurity.com/files/157527/OpenSSL-signature_algorithms_cert-Denial-Of-Service.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1967.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1967.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-1967

reference_id

reference_type

scores

value	0.67307
scoring_system	epss
scoring_elements	0.98553
published_at	2026-04-02T12:55:00Z

value	0.67307
scoring_system	epss
scoring_elements	0.98551
published_at	2026-04-01T12:55:00Z

value	0.67307
scoring_system	epss
scoring_elements	0.98564
published_at	2026-04-13T12:55:00Z

value	0.67307
scoring_system	epss
scoring_elements	0.98562
published_at	2026-04-09T12:55:00Z

value	0.67307
scoring_system	epss
scoring_elements	0.9856
published_at	2026-04-08T12:55:00Z

value	0.67307
scoring_system	epss
scoring_elements	0.98558
published_at	2026-04-07T12:55:00Z

value	0.67307
scoring_system	epss
scoring_elements	0.98556
published_at	2026-04-04T12:55:00Z

value	0.67307
scoring_system	epss
scoring_elements	0.98563
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-1967

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967

reference_url

http://seclists.org/fulldisclosure/2020/May/5

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2020/May/5

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/irsl/CVE-2020-1967

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/irsl/CVE-2020-1967

reference_url

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=eb563247aef3e83dda7679c43f9649270462e5b1

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=eb563247aef3e83dda7679c43f9649270462e5b1

reference_url

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44440

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44440

reference_url

https://lists.apache.org/thread.html/r66ea9c436da150683432db5fbc8beb8ae01886c6459ac30c2cea7345@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r66ea9c436da150683432db5fbc8beb8ae01886c6459ac30c2cea7345@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r94d6ac3f010a38fccf4f432b12180a13fa1cf303559bd805648c9064@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r94d6ac3f010a38fccf4f432b12180a13fa1cf303559bd805648c9064@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9a41e304992ce6aec6585a87842b4f2e692604f5c892c37e3b0587ee@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9a41e304992ce6aec6585a87842b4f2e692604f5c892c37e3b0587ee@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-1967

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-1967

reference_url

https://rustsec.org/advisories/RUSTSEC-2020-0015.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://rustsec.org/advisories/RUSTSEC-2020-0015.html

reference_url

https://security.FreeBSD.org/advisories/FreeBSD-SA-20:11.openssl.asc

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.FreeBSD.org/advisories/FreeBSD-SA-20:11.openssl.asc

reference_url

https://security.netapp.com/advisory/ntap-20200424-0003

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200424-0003

reference_url	https://security.netapp.com/advisory/ntap-20200424-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200424-0003/

reference_url

https://security.netapp.com/advisory/ntap-20200717-0004

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200717-0004

reference_url	https://security.netapp.com/advisory/ntap-20200717-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200717-0004/

reference_url

https://www.debian.org/security/2020/dsa-4661

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2020/dsa-4661

reference_url

https://www.openssl.org/news/secadv/20200421.txt

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.openssl.org/news/secadv/20200421.txt

reference_url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url

https://www.synology.com/security/advisory/Synology_SA_20_05

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.synology.com/security/advisory/Synology_SA_20_05

reference_url

https://www.synology.com/security/advisory/Synology_SA_20_05_OpenSSL

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.synology.com/security/advisory/Synology_SA_20_05_OpenSSL

reference_url

https://www.tenable.com/security/tns-2020-03

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.tenable.com/security/tns-2020-03

reference_url

https://www.tenable.com/security/tns-2020-04

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.tenable.com/security/tns-2020-04

reference_url

https://www.tenable.com/security/tns-2020-11

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.tenable.com/security/tns-2020-11

reference_url

https://www.tenable.com/security/tns-2021-10

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.tenable.com/security/tns-2021-10

reference_url

http://www.openwall.com/lists/oss-security/2020/04/22/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2020/04/22/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1823670
reference_id	1823670
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1823670

reference_url	https://security.archlinux.org/ASA-202004-18
reference_id	ASA-202004-18
reference_type
scores
url	https://security.archlinux.org/ASA-202004-18

reference_url	https://security.archlinux.org/ASA-202004-19
reference_id	ASA-202004-19
reference_type
scores
url	https://security.archlinux.org/ASA-202004-19

reference_url

https://security.archlinux.org/AVG-1139

reference_id

AVG-1139

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1139

reference_url

https://security.archlinux.org/AVG-1142

reference_id

AVG-1142

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1142

reference_url

https://github.com/advisories/GHSA-jq65-29v4-4x35

reference_id

GHSA-jq65-29v4-4x35

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-jq65-29v4-4x35

reference_url

https://security.gentoo.org/glsa/202004-10

reference_id

GLSA-202004-10

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/202004-10

fixed_packages

url pkg:conan/openssl@1.1.1g

purl pkg:conan/openssl@1.1.1g

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-xnhs-4v7t-p3hv

resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openssl@1.1.1g

aliases CVE-2020-1967, GHSA-jq65-29v4-4x35

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x8uc-src9-6uck

url VCID-xnhs-4v7t-p3hv

vulnerability_id VCID-xnhs-4v7t-p3hv

summary

Excessive Iteration
Issue summary: Checking excessively long DH keys or parameters may be very slow.

Impact summary: Applications that use the functions DH_check(), DH_check_ex()
or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long
delays. Where the key or parameters that are being checked have been obtained
from an untrusted source this may lead to a Denial of Service.

The function DH_check() performs various checks on DH parameters. After fixing
CVE-2023-3446 it was discovered that a large q parameter value can also trigger
an overly long computation during some of these checks. A correct q value,
if present, cannot be larger than the modulus p parameter, thus it is
unnecessary to perform these checks if q is larger than p.

An application that calls DH_check() and supplies a key or parameters obtained
from an untrusted source could be vulnerable to a Denial of Service attack.

The function DH_check() is itself called by a number of other OpenSSL functions.
An application calling any of those other functions may similarly be affected.
The other functions affected by this are DH_check_ex() and
EVP_PKEY_param_check().

Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications
when using the "-check" option.

The OpenSSL SSL/TLS implementation is not affected by this issue.

The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3817.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3817.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-3817

reference_id

reference_type

scores

value	0.0032
scoring_system	epss
scoring_elements	0.55026
published_at	2026-04-02T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.5507
published_at	2026-04-12T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55052
published_at	2026-04-13T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55028
published_at	2026-04-07T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55077
published_at	2026-04-08T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55076
published_at	2026-04-09T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55089
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-3817

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3817
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3817

reference_url	http://seclists.org/fulldisclosure/2023/Jul/43
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2023/Jul/43

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a1eb62c29db6cb5eec707f9338aee00f44e26f5

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:20Z/

url

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a1eb62c29db6cb5eec707f9338aee00f44e26f5

reference_url

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=869ad69aadd985c7b8ca6f4e5dd0eb274c9f3644

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:20Z/

url

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=869ad69aadd985c7b8ca6f4e5dd0eb274c9f3644

reference_url

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9002fd07327a91f35ba6c1307e71fa6fd4409b7f

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:20Z/

url

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9002fd07327a91f35ba6c1307e71fa6fd4409b7f

reference_url

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=91ddeba0f2269b017dc06c46c993a788974b1aa5

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:20Z/

url

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=91ddeba0f2269b017dc06c46c993a788974b1aa5

reference_url

https://www.openssl.org/news/secadv/20230731.txt

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:20Z/

url

https://www.openssl.org/news/secadv/20230731.txt

reference_url	http://www.openwall.com/lists/oss-security/2023/07/31/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2023/07/31/1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2227852
reference_id	2227852
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2227852

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2023-3817
reference_id	CVE-2023-3817
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2023-3817

reference_url	https://access.redhat.com/errata/RHSA-2023:5931
reference_id	RHSA-2023:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5931

reference_url	https://access.redhat.com/errata/RHSA-2023:7622
reference_id	RHSA-2023:7622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7622

reference_url	https://access.redhat.com/errata/RHSA-2023:7623
reference_id	RHSA-2023:7623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7623

reference_url	https://access.redhat.com/errata/RHSA-2023:7625
reference_id	RHSA-2023:7625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7625

reference_url	https://access.redhat.com/errata/RHSA-2023:7626
reference_id	RHSA-2023:7626
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7626

reference_url	https://access.redhat.com/errata/RHSA-2023:7877
reference_id	RHSA-2023:7877
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7877

reference_url	https://access.redhat.com/errata/RHSA-2024:0154
reference_id	RHSA-2024:0154
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0154

reference_url	https://access.redhat.com/errata/RHSA-2024:0208
reference_id	RHSA-2024:0208
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0208

reference_url	https://access.redhat.com/errata/RHSA-2024:2447
reference_id	RHSA-2024:2447
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2447

reference_url	https://usn.ubuntu.com/6435-1/
reference_id	USN-6435-1
reference_type
scores
url	https://usn.ubuntu.com/6435-1/

reference_url	https://usn.ubuntu.com/6435-2/
reference_id	USN-6435-2
reference_type
scores
url	https://usn.ubuntu.com/6435-2/

reference_url	https://usn.ubuntu.com/6450-1/
reference_id	USN-6450-1
reference_type
scores
url	https://usn.ubuntu.com/6450-1/

reference_url	https://usn.ubuntu.com/6709-1/
reference_id	USN-6709-1
reference_type
scores
url	https://usn.ubuntu.com/6709-1/

reference_url	https://usn.ubuntu.com/7894-1/
reference_id	USN-7894-1
reference_type
scores
url	https://usn.ubuntu.com/7894-1/

fixed_packages

url	pkg:conan/openssl@1.1.1w
purl	pkg:conan/openssl@1.1.1w
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:conan/openssl@1.1.1w

url pkg:conan/openssl@3.0.12

purl pkg:conan/openssl@3.0.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2by2-tzdd-kkc7

resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openssl@3.0.12

url	pkg:conan/openssl@3.1.3
purl	pkg:conan/openssl@3.1.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:conan/openssl@3.1.3

aliases CVE-2023-3817

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xnhs-4v7t-p3hv

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openssl@1.1.1f

Package Instance