{"url":"http://public2.vulnerablecode.io/api/packages/88595?format=json","purl":"pkg:rpm/redhat/openssl@1:3.2.2-7.el9_6?arch=1","type":"rpm","namespace":"redhat","name":"openssl","version":"1:3.2.2-7.el9_6","qualifiers":{"arch":"1"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67393?format=json","vulnerability_id":"VCID-fwwa-41df-zqfk","summary":"openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9230.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9230.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9230","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10091","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10121","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10145","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10016","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10038","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10165","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10185","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10225","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10186","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10125","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10153","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10049","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11786","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.1187","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9230"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9230","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9230"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://openssl-library.org/news/secadv/20250930.txt","reference_id":"20250930.txt","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/"}],"url":"https://openssl-library.org/news/secadv/20250930.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396054","reference_id":"2396054","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396054"},{"reference_url":"https://github.com/openssl/openssl/commit/5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45","reference_id":"5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/"}],"url":"https://github.com/openssl/openssl/commit/5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45"},{"reference_url":"https://github.com/openssl/openssl/commit/9e91358f365dee6c446dcdcdb01c04d2743fd280","reference_id":"9e91358f365dee6c446dcdcdb01c04d2743fd280","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/"}],"url":"https://github.com/openssl/openssl/commit/9e91358f365dee6c446dcdcdb01c04d2743fd280"},{"reference_url":"https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def","reference_id":"a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/"}],"url":"https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def"},{"reference_url":"https://github.com/openssl/openssl/commit/b5282d677551afda7d20e9c00e09561b547b2dfd","reference_id":"b5282d677551afda7d20e9c00e09561b547b2dfd","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/"}],"url":"https://github.com/openssl/openssl/commit/b5282d677551afda7d20e9c00e09561b547b2dfd"},{"reference_url":"https://github.com/openssl/openssl/commit/bae259a211ada6315dc50900686daaaaaa55f482","reference_id":"bae259a211ada6315dc50900686daaaaaa55f482","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/"}],"url":"https://github.com/openssl/openssl/commit/bae259a211ada6315dc50900686daaaaaa55f482"},{"reference_url":"https://github.openssl.org/openssl/extended-releases/commit/c2b96348bfa662f25f4fabf81958ae822063dae3","reference_id":"c2b96348bfa662f25f4fabf81958ae822063dae3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/"}],"url":"https://github.openssl.org/openssl/extended-releases/commit/c2b96348bfa662f25f4fabf81958ae822063dae3"},{"reference_url":"https://github.openssl.org/openssl/extended-releases/commit/dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba","reference_id":"dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:30:08Z/"}],"url":"https://github.openssl.org/openssl/extended-releases/commit/dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21174","reference_id":"RHSA-2025:21174","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21248","reference_id":"RHSA-2025:21248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21255","reference_id":"RHSA-2025:21255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21562","reference_id":"RHSA-2025:21562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21994","reference_id":"RHSA-2025:21994","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21994"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22428","reference_id":"RHSA-2025:22428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22529","reference_id":"RHSA-2025:22529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22548","reference_id":"RHSA-2025:22548","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22548"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22794","reference_id":"RHSA-2025:22794","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22794"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22868","reference_id":"RHSA-2025:22868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23078","reference_id":"RHSA-2025:23078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23079","reference_id":"RHSA-2025:23079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23080","reference_id":"RHSA-2025:23080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23202","reference_id":"RHSA-2025:23202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23204","reference_id":"RHSA-2025:23204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23205","reference_id":"RHSA-2025:23205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23209","reference_id":"RHSA-2025:23209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23449","reference_id":"RHSA-2025:23449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0332","reference_id":"RHSA-2026:0332","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0332"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0337","reference_id":"RHSA-2026:0337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0420","reference_id":"RHSA-2026:0420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0602","reference_id":"RHSA-2026:0602","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0602"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0674","reference_id":"RHSA-2026:0674","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0674"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0702","reference_id":"RHSA-2026:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0714","reference_id":"RHSA-2026:0714","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0714"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0794","reference_id":"RHSA-2026:0794","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0794"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0887","reference_id":"RHSA-2026:0887","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0887"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1349","reference_id":"RHSA-2026:1349","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1475","reference_id":"RHSA-2026:1475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1652","reference_id":"RHSA-2026:1652","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1652"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1720","reference_id":"RHSA-2026:1720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2771","reference_id":"RHSA-2026:2771","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2771"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2776","reference_id":"RHSA-2026:2776","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2776"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2974","reference_id":"RHSA-2026:2974","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2974"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2994","reference_id":"RHSA-2026:2994","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2994"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2995","reference_id":"RHSA-2026:2995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3164","reference_id":"RHSA-2026:3164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3415","reference_id":"RHSA-2026:3415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3461","reference_id":"RHSA-2026:3461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3462","reference_id":"RHSA-2026:3462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3861","reference_id":"RHSA-2026:3861","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7261","reference_id":"RHSA-2026:7261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7261"},{"reference_url":"https://usn.ubuntu.com/7786-1/","reference_id":"USN-7786-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7786-1/"}],"fixed_packages":[],"aliases":["CVE-2025-9230"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fwwa-41df-zqfk"}],"fixing_vulnerabilities":[],"risk_score":"3.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openssl@1:3.2.2-7.el9_6%3Farch=1"}