{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","type":"deb","namespace":"debian","name":"openssl","version":"0","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"0.9.6-1","latest_non_vulnerable_version":"3.6.2-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/16375?format=json","vulnerability_id":"VCID-1ggt-ugh5-jqeu","summary":"NULL Pointer Dereference\nAn invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in OpenSSL does not call this function however third party applications might call these functions on untrusted data.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0216.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0216.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0216","reference_id":"","reference_type":"","scores":[{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77379","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77361","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77371","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77316","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.7735","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77321","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77263","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77297","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77301","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01123","scoring_system":"epss","scoring_elements":"0.78262","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01123","scoring_system":"epss","scoring_elements":"0.7823","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01123","scoring_system":"epss","scoring_elements":"0.78256","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01123","scoring_system":"epss","scoring_elements":"0.78287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01123","scoring_system":"epss","scoring_elements":"0.78265","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01123","scoring_system":"epss","scoring_elements":"0.78217","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01123","scoring_system":"epss","scoring_elements":"0.78296","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01123","scoring_system":"epss","scoring_elements":"0.7827","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01123","scoring_system":"epss","scoring_elements":"0.78293","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01123","scoring_system":"epss","scoring_elements":"0.78248","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0216"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=934a04f0e775309cadbef0aa6b9692e1b12a76c6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:43Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=934a04f0e775309cadbef0aa6b9692e1b12a76c6"},{"reference_url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2023-0011.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2023-0011.html"},{"reference_url":"https://security.gentoo.org/glsa/202402-08","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:43Z/"}],"url":"https://security.gentoo.org/glsa/202402-08"},{"reference_url":"https://www.openssl.org/news/secadv/20230207.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:43Z/"}],"url":"https://www.openssl.org/news/secadv/20230207.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164497","reference_id":"2164497","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164497"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0216","reference_id":"CVE-2023-0216","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0216"},{"reference_url":"https://github.com/advisories/GHSA-29xx-hcv2-c4cp","reference_id":"GHSA-29xx-hcv2-c4cp","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-29xx-hcv2-c4cp"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0946","reference_id":"RHSA-2023:0946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1199","reference_id":"RHSA-2023:1199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1199"},{"reference_url":"https://usn.ubuntu.com/5844-1/","reference_id":"USN-5844-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5844-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934048?format=json","purl":"pkg:deb/debian/openssl@3.0.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-0216","GHSA-29xx-hcv2-c4cp"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1ggt-ugh5-jqeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34925?format=json","vulnerability_id":"VCID-1r3e-8nb4-nyaa","summary":"Multiple vulnerabilities have been found in OpenSSL that can result\n    in either Denial of Service or information disclosure.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0290.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0290.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0290","reference_id":"","reference_type":"","scores":[{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96832","published_at":"2026-04-01T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.9684","published_at":"2026-04-02T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96841","published_at":"2026-04-04T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96845","published_at":"2026-04-07T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96854","published_at":"2026-04-08T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96855","published_at":"2026-04-09T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96858","published_at":"2026-04-11T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96859","published_at":"2026-04-12T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.9686","published_at":"2026-04-13T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96867","published_at":"2026-04-16T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96871","published_at":"2026-04-18T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96873","published_at":"2026-04-21T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96874","published_at":"2026-04-24T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96876","published_at":"2026-04-26T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96879","published_at":"2026-04-29T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96885","published_at":"2026-05-05T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.9689","published_at":"2026-05-07T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96895","published_at":"2026-05-09T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96898","published_at":"2026-05-11T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96904","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0290"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202345","reference_id":"1202345","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202345"},{"reference_url":"https://security.gentoo.org/glsa/201503-11","reference_id":"GLSA-201503-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2015-0290"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1r3e-8nb4-nyaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/20552?format=json","vulnerability_id":"VCID-2by2-tzdd-kkc7","summary":"Out-of-bounds Write\nIssue summary: The POLY1305 MAC (message authentication code) implementation\ncontains a bug that might corrupt the internal state of applications running\non PowerPC CPU based platforms if the CPU provides vector instructions.\n\nImpact summary: If an attacker can influence whether the POLY1305 MAC\nalgorithm is used, the application state might be corrupted with various\napplication dependent consequences.\n\nThe POLY1305 MAC (message authentication code) implementation in OpenSSL for\nPowerPC CPUs restores the contents of vector registers in a different order\nthan they are saved. Thus the contents of some of these vector registers\nare corrupted when returning to the caller. The vulnerable code is used only\non newer PowerPC processors supporting the PowerISA 2.07 instructions.\n\nThe consequences of this kind of internal application state corruption can\nbe various - from no consequences, if the calling application does not\ndepend on the contents of non-volatile XMM registers at all, to the worst\nconsequences, where the attacker could get complete control of the application\nprocess. However unless the compiler uses the vector registers for storing\npointers, the most likely consequence, if any, would be an incorrect result\nof some application dependent calculations or a crash leading to a denial of\nservice.\n\nThe POLY1305 MAC algorithm is most frequently used as part of the\nCHACHA20-POLY1305 AEAD (authenticated encryption with associated data)\nalgorithm. The most common usage of this AEAD cipher is with TLS protocol\nversions 1.2 and 1.3. If this cipher is enabled on the server a malicious\nclient can influence whether this AEAD cipher is used. This implies that\nTLS server applications using OpenSSL can be potentially impacted. However\nwe are currently not aware of any concrete application that would be affected\nby this issue therefore we consider this a Low severity security issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6129.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6129.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6129","reference_id":"","reference_type":"","scores":[{"value":"0.02502","scoring_system":"epss","scoring_elements":"0.85285","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02502","scoring_system":"epss","scoring_elements":"0.85336","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02502","scoring_system":"epss","scoring_elements":"0.85348","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02502","scoring_system":"epss","scoring_elements":"0.85344","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02502","scoring_system":"epss","scoring_elements":"0.85364","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02502","scoring_system":"epss","scoring_elements":"0.85366","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02502","scoring_system":"epss","scoring_elements":"0.85386","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02502","scoring_system":"epss","scoring_elements":"0.85395","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02502","scoring_system":"epss","scoring_elements":"0.85394","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02502","scoring_system":"epss","scoring_elements":"0.85408","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02502","scoring_system":"epss","scoring_elements":"0.85435","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02502","scoring_system":"epss","scoring_elements":"0.85452","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02502","scoring_system":"epss","scoring_elements":"0.85448","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02502","scoring_system":"epss","scoring_elements":"0.85303","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02502","scoring_system":"epss","scoring_elements":"0.85305","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02502","scoring_system":"epss","scoring_elements":"0.85327","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02502","scoring_system":"epss","scoring_elements":"0.85349","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0257","scoring_system":"epss","scoring_elements":"0.85565","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03331","scoring_system":"epss","scoring_elements":"0.87382","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6129"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/openssl/openssl/commit/050d26383d4e264966fb83428e72d5d48f402d35","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-22T14:31:57Z/"}],"url":"https://github.com/openssl/openssl/commit/050d26383d4e264966fb83428e72d5d48f402d35"},{"reference_url":"https://github.com/openssl/openssl/commit/5b139f95c9a47a55a0c54100f3837b1eee942b04","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-22T14:31:57Z/"}],"url":"https://github.com/openssl/openssl/commit/5b139f95c9a47a55a0c54100f3837b1eee942b04"},{"reference_url":"https://github.com/openssl/openssl/commit/f3fc5808fe9ff74042d639839610d03b8fdcc015","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-22T14:31:57Z/"}],"url":"https://github.com/openssl/openssl/commit/f3fc5808fe9ff74042d639839610d03b8fdcc015"},{"reference_url":"https://www.openssl.org/news/secadv/20240109.txt","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-22T14:31:57Z/"}],"url":"https://www.openssl.org/news/secadv/20240109.txt"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060347","reference_id":"1060347","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060347"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257571","reference_id":"2257571","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257571"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6129","reference_id":"CVE-2023-6129","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2447","reference_id":"RHSA-2024:2447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9088","reference_id":"RHSA-2024:9088","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9088"},{"reference_url":"https://usn.ubuntu.com/6622-1/","reference_id":"USN-6622-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6622-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934056?format=json","purl":"pkg:deb/debian/openssl@3.0.13-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.13-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934059?format=json","purl":"pkg:deb/debian/openssl@3.1.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.1.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-6129"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2by2-tzdd-kkc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62393?format=json","vulnerability_id":"VCID-38zm-z6ta-9bcm","summary":"Multiple vulnerabilities have been found in OpenSSL, the worst of\n    which allows attackers to conduct a time based side-channel attack.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"},{"reference_url":"http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2176.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2176.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2176","reference_id":"","reference_type":"","scores":[{"value":"0.07788","scoring_system":"epss","scoring_elements":"0.92024","published_at":"2026-05-12T12:55:00Z"},{"value":"0.07788","scoring_system":"epss","scoring_elements":"0.92016","published_at":"2026-05-11T12:55:00Z"},{"value":"0.07788","scoring_system":"epss","scoring_elements":"0.91928","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07788","scoring_system":"epss","scoring_elements":"0.91936","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07788","scoring_system":"epss","scoring_elements":"0.91944","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07788","scoring_system":"epss","scoring_elements":"0.9195","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07788","scoring_system":"epss","scoring_elements":"0.91963","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07788","scoring_system":"epss","scoring_elements":"0.91968","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07788","scoring_system":"epss","scoring_elements":"0.91971","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07788","scoring_system":"epss","scoring_elements":"0.9197","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07788","scoring_system":"epss","scoring_elements":"0.91967","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07788","scoring_system":"epss","scoring_elements":"0.91986","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07788","scoring_system":"epss","scoring_elements":"0.91983","published_at":"2026-04-18T12:55:00Z"},{"value":"0.07788","scoring_system":"epss","scoring_elements":"0.91979","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07788","scoring_system":"epss","scoring_elements":"0.91984","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07788","scoring_system":"epss","scoring_elements":"0.91982","published_at":"2026-04-26T12:55:00Z"},{"value":"0.07788","scoring_system":"epss","scoring_elements":"0.9198","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07788","scoring_system":"epss","scoring_elements":"0.91993","published_at":"2026-05-05T12:55:00Z"},{"value":"0.07788","scoring_system":"epss","scoring_elements":"0.92007","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2176"},{"reference_url":"https://bto.bluecoat.com/security-advisory/sa123","reference_id":"","reference_type":"","scores":[],"url":"https://bto.bluecoat.com/security-advisory/sa123"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf","reference_id":"","reference_type":"","scores":[],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"},{"reference_url":"https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=2919516136a4227d9e6d8f2fe66ef976aaf8c561","reference_id":"","reference_type":"","scores":[],"url":"https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=2919516136a4227d9e6d8f2fe66ef976aaf8c561"},{"reference_url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us"},{"reference_url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us"},{"reference_url":"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202","reference_id":"","reference_type":"","scores":[],"url":"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10160","reference_id":"","reference_type":"","scores":[],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10160"},{"reference_url":"https://security.netapp.com/advisory/ntap-20160504-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20160504-0001/"},{"reference_url":"https://support.apple.com/HT206903","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206903"},{"reference_url":"https://www.openssl.org/news/secadv/20160503.txt","reference_id":"","reference_type":"","scores":[],"url":"https://www.openssl.org/news/secadv/20160503.txt"},{"reference_url":"https://www.tenable.com/security/tns-2016-18","reference_id":"","reference_type":"","scores":[],"url":"https://www.tenable.com/security/tns-2016-18"},{"reference_url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl","reference_id":"","reference_type":"","scores":[],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.securityfocus.com/bid/89746","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/89746"},{"reference_url":"http://www.securityfocus.com/bid/91787","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91787"},{"reference_url":"http://www.securitytracker.com/id/1035721","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035721"},{"reference_url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103","reference_id":"","reference_type":"","scores":[],"url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1331563","reference_id":"1331563","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1331563"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2176","reference_id":"CVE-2016-2176","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:P"},{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2176"},{"reference_url":"https://security.gentoo.org/glsa/201612-16","reference_id":"GLSA-201612-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2176"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-38zm-z6ta-9bcm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42654?format=json","vulnerability_id":"VCID-3dej-wqvv-muhe","summary":"Multiple vulnerabilities have been found in OpenSSL, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3358.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3358.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3358","reference_id":"","reference_type":"","scores":[{"value":"0.19455","scoring_system":"epss","scoring_elements":"0.9544","published_at":"2026-05-12T12:55:00Z"},{"value":"0.19455","scoring_system":"epss","scoring_elements":"0.95436","published_at":"2026-05-11T12:55:00Z"},{"value":"0.19455","scoring_system":"epss","scoring_elements":"0.95431","published_at":"2026-05-09T12:55:00Z"},{"value":"0.19455","scoring_system":"epss","scoring_elements":"0.95423","published_at":"2026-05-07T12:55:00Z"},{"value":"0.19455","scoring_system":"epss","scoring_elements":"0.95416","published_at":"2026-05-05T12:55:00Z"},{"value":"0.19455","scoring_system":"epss","scoring_elements":"0.95407","published_at":"2026-04-29T12:55:00Z"},{"value":"0.19455","scoring_system":"epss","scoring_elements":"0.95406","published_at":"2026-04-26T12:55:00Z"},{"value":"0.19455","scoring_system":"epss","scoring_elements":"0.95404","published_at":"2026-04-24T12:55:00Z"},{"value":"0.19455","scoring_system":"epss","scoring_elements":"0.95401","published_at":"2026-04-18T12:55:00Z"},{"value":"0.19455","scoring_system":"epss","scoring_elements":"0.95397","published_at":"2026-04-16T12:55:00Z"},{"value":"0.19455","scoring_system":"epss","scoring_elements":"0.95389","published_at":"2026-04-13T12:55:00Z"},{"value":"0.19455","scoring_system":"epss","scoring_elements":"0.95387","published_at":"2026-04-12T12:55:00Z"},{"value":"0.19455","scoring_system":"epss","scoring_elements":"0.95382","published_at":"2026-04-09T12:55:00Z"},{"value":"0.19455","scoring_system":"epss","scoring_elements":"0.95379","published_at":"2026-04-08T12:55:00Z"},{"value":"0.19455","scoring_system":"epss","scoring_elements":"0.95372","published_at":"2026-04-07T12:55:00Z"},{"value":"0.19455","scoring_system":"epss","scoring_elements":"0.95361","published_at":"2026-04-02T12:55:00Z"},{"value":"0.19455","scoring_system":"epss","scoring_elements":"0.95368","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3358"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/alexcrichton/openssl-src-rs","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/alexcrichton/openssl-src-rs"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3358","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3358"},{"reference_url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2022-0059.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2022-0059.html"},{"reference_url":"https://security.gentoo.org/glsa/202402-08","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202402-08"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221028-0014","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20221028-0014"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221028-0014/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20221028-0014/"},{"reference_url":"https://www.openssl.org/news/secadv/20221011.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.openssl.org/news/secadv/20221011.txt"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021620","reference_id":"1021620","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021620"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2134740","reference_id":"2134740","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2134740"},{"reference_url":"https://github.com/advisories/GHSA-4f63-89w9-3jjv","reference_id":"GHSA-4f63-89w9-3jjv","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4f63-89w9-3jjv"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2523","reference_id":"RHSA-2023:2523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2523"},{"reference_url":"https://usn.ubuntu.com/5710-1/","reference_id":"USN-5710-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5710-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934046?format=json","purl":"pkg:deb/debian/openssl@3.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-3358","GHSA-4f63-89w9-3jjv"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3dej-wqvv-muhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64850?format=json","vulnerability_id":"VCID-3u2b-yumu-rkcd","summary":"openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15468.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15468.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15468","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05649","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05609","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06341","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05935","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.059","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05911","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06062","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06085","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06115","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06122","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06142","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06242","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06317","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06334","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05895","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05933","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05972","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05954","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05944","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15468"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/openssl/openssl/commit/1f08e54bad32843044fe8a675948d65e3b4ece65","reference_id":"1f08e54bad32843044fe8a675948d65e3b4ece65","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:52:10Z/"}],"url":"https://github.com/openssl/openssl/commit/1f08e54bad32843044fe8a675948d65e3b4ece65"},{"reference_url":"https://openssl-library.org/news/secadv/20260127.txt","reference_id":"20260127.txt","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:52:10Z/"}],"url":"https://openssl-library.org/news/secadv/20260127.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2430377","reference_id":"2430377","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2430377"},{"reference_url":"https://github.com/openssl/openssl/commit/7c88376731c589ee5b36116c5a6e32d5ae5f7ae2","reference_id":"7c88376731c589ee5b36116c5a6e32d5ae5f7ae2","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:52:10Z/"}],"url":"https://github.com/openssl/openssl/commit/7c88376731c589ee5b36116c5a6e32d5ae5f7ae2"},{"reference_url":"https://github.com/openssl/openssl/commit/b2539639400288a4580fe2d76247541b976bade4","reference_id":"b2539639400288a4580fe2d76247541b976bade4","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:52:10Z/"}],"url":"https://github.com/openssl/openssl/commit/b2539639400288a4580fe2d76247541b976bade4"},{"reference_url":"https://github.com/openssl/openssl/commit/d75b309879631d45b972396ce4e5102559c64ac7","reference_id":"d75b309879631d45b972396ce4e5102559c64ac7","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:52:10Z/"}],"url":"https://github.com/openssl/openssl/commit/d75b309879631d45b972396ce4e5102559c64ac7"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1472","reference_id":"RHSA-2026:1472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1473","reference_id":"RHSA-2026:1473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1736","reference_id":"RHSA-2026:1736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2485","reference_id":"RHSA-2026:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2563","reference_id":"RHSA-2026:2563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3228","reference_id":"RHSA-2026:3228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4943","reference_id":"RHSA-2026:4943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7261","reference_id":"RHSA-2026:7261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7261"},{"reference_url":"https://usn.ubuntu.com/7980-1/","reference_id":"USN-7980-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7980-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934070?format=json","purl":"pkg:deb/debian/openssl@3.5.4-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934069?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-15468"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3u2b-yumu-rkcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88191?format=json","vulnerability_id":"VCID-45qa-rf1u-kbd8","summary":"openssl: incorrect error checking during CMS verification","references":[{"reference_url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-008.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-008.txt.asc"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=124464882609472&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=124464882609472&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=127678688104458&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=127678688104458&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0591.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0591.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0591","reference_id":"","reference_type":"","scores":[{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.8525","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.8506","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.85073","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.85091","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.85095","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.85116","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.85123","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.85138","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.85135","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.85132","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.85153","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.85156","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.85154","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.85177","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.85186","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.85183","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.85197","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.85222","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.85241","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02422","scoring_system":"epss","scoring_elements":"0.85236","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0591"},{"reference_url":"http://secunia.com/advisories/34411","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34411"},{"reference_url":"http://secunia.com/advisories/34460","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34460"},{"reference_url":"http://secunia.com/advisories/34666","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34666"},{"reference_url":"http://secunia.com/advisories/35065","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35065"},{"reference_url":"http://secunia.com/advisories/35380","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35380"},{"reference_url":"http://secunia.com/advisories/35729","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35729"},{"reference_url":"http://secunia.com/advisories/36701","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/36701"},{"reference_url":"http://secunia.com/advisories/42724","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42724"},{"reference_url":"http://secunia.com/advisories/42733","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42733"},{"reference_url":"http://securitytracker.com/id?1021907","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1021907"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/49432","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/49432"},{"reference_url":"https://kb.bluecoat.com/index?page=content&id=SA50","reference_id":"","reference_type":"","scores":[],"url":"https://kb.bluecoat.com/index?page=content&id=SA50"},{"reference_url":"http://sourceforge.net/project/shownotes.php?release_id=671059&group_id=116847","reference_id":"","reference_type":"","scores":[],"url":"http://sourceforge.net/project/shownotes.php?release_id=671059&group_id=116847"},{"reference_url":"http://support.apple.com/kb/HT3865","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3865"},{"reference_url":"http://voodoo-circle.sourceforge.net/sa/sa-20090326-01.html","reference_id":"","reference_type":"","scores":[],"url":"http://voodoo-circle.sourceforge.net/sa/sa-20090326-01.html"},{"reference_url":"http://www.openssl.org/news/secadv_20090325.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.openssl.org/news/secadv_20090325.txt"},{"reference_url":"http://www.osvdb.org/52865","reference_id":"","reference_type":"","scores":[],"url":"http://www.osvdb.org/52865"},{"reference_url":"http://www.php.net/archive/2009.php#id2009-04-08-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.php.net/archive/2009.php#id2009-04-08-1"},{"reference_url":"http://www.securityfocus.com/bid/34256","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/34256"},{"reference_url":"http://www.vupen.com/english/advisories/2009/0850","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/0850"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1020","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1020"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1175","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1175"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1548","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1548"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=492623","reference_id":"492623","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=492623"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0591","reference_id":"CVE-2009-0591","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0591"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2009-0591"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-45qa-rf1u-kbd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82321?format=json","vulnerability_id":"VCID-491w-a5n6-7ufp","summary":"openssl: Insecure path defaults vulnerability in mingw builds","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1552.json","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1552.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1552","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22099","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22227","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22077","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22064","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22051","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.21954","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22028","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22108","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22076","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30694","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30685","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30817","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30865","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30743","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30775","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30778","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30734","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30688","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30712","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1552"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1745637","reference_id":"1745637","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1745637"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2019-1552"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-491w-a5n6-7ufp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67395?format=json","vulnerability_id":"VCID-5791-w983-4bhn","summary":"openssl: Out-of-bounds read in HTTP client no_proxy handling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9232.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9232.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9232","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10584","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10511","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10646","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10643","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10656","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10625","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.106","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10466","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10484","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.1061","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.1056","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11731","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11717","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11667","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11688","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.1222","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12308","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12418","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9232"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://openssl-library.org/news/secadv/20250930.txt","reference_id":"20250930.txt","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:22:31Z/"}],"url":"https://openssl-library.org/news/secadv/20250930.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396056","reference_id":"2396056","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396056"},{"reference_url":"https://github.com/openssl/openssl/commit/2b4ec20e47959170422922eaff25346d362dcb35","reference_id":"2b4ec20e47959170422922eaff25346d362dcb35","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:22:31Z/"}],"url":"https://github.com/openssl/openssl/commit/2b4ec20e47959170422922eaff25346d362dcb35"},{"reference_url":"https://github.com/openssl/openssl/commit/654dc11d23468a74fc8ea4672b702dd3feb7be4b","reference_id":"654dc11d23468a74fc8ea4672b702dd3feb7be4b","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:22:31Z/"}],"url":"https://github.com/openssl/openssl/commit/654dc11d23468a74fc8ea4672b702dd3feb7be4b"},{"reference_url":"https://github.com/openssl/openssl/commit/7cf21a30513c9e43c4bc3836c237cf086e194af3","reference_id":"7cf21a30513c9e43c4bc3836c237cf086e194af3","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:22:31Z/"}],"url":"https://github.com/openssl/openssl/commit/7cf21a30513c9e43c4bc3836c237cf086e194af3"},{"reference_url":"https://github.com/openssl/openssl/commit/89e790ac431125a4849992858490bed6b225eadf","reference_id":"89e790ac431125a4849992858490bed6b225eadf","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:22:31Z/"}],"url":"https://github.com/openssl/openssl/commit/89e790ac431125a4849992858490bed6b225eadf"},{"reference_url":"https://github.com/openssl/openssl/commit/bbf38c034cdabd0a13330abcc4855c866f53d2e0","reference_id":"bbf38c034cdabd0a13330abcc4855c866f53d2e0","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:22:31Z/"}],"url":"https://github.com/openssl/openssl/commit/bbf38c034cdabd0a13330abcc4855c866f53d2e0"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7261","reference_id":"RHSA-2026:7261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7261"},{"reference_url":"https://usn.ubuntu.com/7786-1/","reference_id":"USN-7786-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7786-1/"},{"reference_url":"https://usn.ubuntu.com/7894-1/","reference_id":"USN-7894-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7894-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934075?format=json","purl":"pkg:deb/debian/openssl@3.0.17-1~deb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.17-1~deb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934078?format=json","purl":"pkg:deb/debian/openssl@3.5.1-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.1-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934077?format=json","purl":"pkg:deb/debian/openssl@3.5.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-9232"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5791-w983-4bhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74028?format=json","vulnerability_id":"VCID-638m-dfwf-7bdv","summary":"openssl: Possible denial of service in X.509 name checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6119.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6119.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6119","reference_id":"","reference_type":"","scores":[{"value":"0.05484","scoring_system":"epss","scoring_elements":"0.9024","published_at":"2026-04-24T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90385","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90368","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.9038","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90398","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90405","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90413","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90412","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90406","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90421","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90419","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06553","scoring_system":"epss","scoring_elements":"0.91186","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06553","scoring_system":"epss","scoring_elements":"0.91214","published_at":"2026-05-11T12:55:00Z"},{"value":"0.06553","scoring_system":"epss","scoring_elements":"0.91203","published_at":"2026-05-07T12:55:00Z"},{"value":"0.06553","scoring_system":"epss","scoring_elements":"0.91177","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06553","scoring_system":"epss","scoring_elements":"0.91173","published_at":"2026-04-29T12:55:00Z"},{"value":"0.14258","scoring_system":"epss","scoring_elements":"0.94452","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6119"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/openssl/openssl/commit/05f360d9e849a1b277db628f1f13083a7f8dd04f","reference_id":"05f360d9e849a1b277db628f1f13083a7f8dd04f","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T20:20:39Z/"}],"url":"https://github.com/openssl/openssl/commit/05f360d9e849a1b277db628f1f13083a7f8dd04f"},{"reference_url":"https://github.com/openssl/openssl/commit/06d1dc3fa96a2ba5a3e22735a033012aadc9f0d6","reference_id":"06d1dc3fa96a2ba5a3e22735a033012aadc9f0d6","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T20:20:39Z/"}],"url":"https://github.com/openssl/openssl/commit/06d1dc3fa96a2ba5a3e22735a033012aadc9f0d6"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2306158","reference_id":"2306158","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2306158"},{"reference_url":"https://github.com/openssl/openssl/commit/621f3729831b05ee828a3203eddb621d014ff2b2","reference_id":"621f3729831b05ee828a3203eddb621d014ff2b2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T20:20:39Z/"}],"url":"https://github.com/openssl/openssl/commit/621f3729831b05ee828a3203eddb621d014ff2b2"},{"reference_url":"https://github.com/openssl/openssl/commit/7dfcee2cd2a63b2c64b9b4b0850be64cb695b0a0","reference_id":"7dfcee2cd2a63b2c64b9b4b0850be64cb695b0a0","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T20:20:39Z/"}],"url":"https://github.com/openssl/openssl/commit/7dfcee2cd2a63b2c64b9b4b0850be64cb695b0a0"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10135","reference_id":"RHSA-2024:10135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11109","reference_id":"RHSA-2024:11109","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:11109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6783","reference_id":"RHSA-2024:6783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7213","reference_id":"RHSA-2024:7213","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7213"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7599","reference_id":"RHSA-2024:7599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8935","reference_id":"RHSA-2024:8935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8935"},{"reference_url":"https://usn.ubuntu.com/6986-1/","reference_id":"USN-6986-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6986-1/"},{"reference_url":"https://usn.ubuntu.com/7894-1/","reference_id":"USN-7894-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7894-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934067?format=json","purl":"pkg:deb/debian/openssl@3.0.14-1~deb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934066?format=json","purl":"pkg:deb/debian/openssl@3.3.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.3.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-6119"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-638m-dfwf-7bdv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11810?format=json","vulnerability_id":"VCID-6pd1-d9gx-kfc1","summary":"Loop with Unreachable Exit Condition ('Infinite Loop')\nInternally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. The exact behaviour will depend on the application but it could result in crashes, infinite loops or other similar incorrect responses.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4044.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4044.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4044","reference_id":"","reference_type":"","scores":[{"value":"0.1758","scoring_system":"epss","scoring_elements":"0.95103","published_at":"2026-04-18T12:55:00Z"},{"value":"0.1758","scoring_system":"epss","scoring_elements":"0.95099","published_at":"2026-04-16T12:55:00Z"},{"value":"0.1758","scoring_system":"epss","scoring_elements":"0.9509","published_at":"2026-04-13T12:55:00Z"},{"value":"0.1758","scoring_system":"epss","scoring_elements":"0.95088","published_at":"2026-04-12T12:55:00Z"},{"value":"0.1758","scoring_system":"epss","scoring_elements":"0.95086","published_at":"2026-04-11T12:55:00Z"},{"value":"0.1758","scoring_system":"epss","scoring_elements":"0.9508","published_at":"2026-04-09T12:55:00Z"},{"value":"0.1758","scoring_system":"epss","scoring_elements":"0.95077","published_at":"2026-04-08T12:55:00Z"},{"value":"0.1758","scoring_system":"epss","scoring_elements":"0.9507","published_at":"2026-04-07T12:55:00Z"},{"value":"0.1758","scoring_system":"epss","scoring_elements":"0.95068","published_at":"2026-04-04T12:55:00Z"},{"value":"0.1758","scoring_system":"epss","scoring_elements":"0.95067","published_at":"2026-04-02T12:55:00Z"},{"value":"0.1758","scoring_system":"epss","scoring_elements":"0.95057","published_at":"2026-04-01T12:55:00Z"},{"value":"0.3328","scoring_system":"epss","scoring_elements":"0.96955","published_at":"2026-05-12T12:55:00Z"},{"value":"0.3328","scoring_system":"epss","scoring_elements":"0.96927","published_at":"2026-04-24T12:55:00Z"},{"value":"0.3328","scoring_system":"epss","scoring_elements":"0.96929","published_at":"2026-04-26T12:55:00Z"},{"value":"0.3328","scoring_system":"epss","scoring_elements":"0.96933","published_at":"2026-04-29T12:55:00Z"},{"value":"0.3328","scoring_system":"epss","scoring_elements":"0.96937","published_at":"2026-05-05T12:55:00Z"},{"value":"0.3328","scoring_system":"epss","scoring_elements":"0.96941","published_at":"2026-05-07T12:55:00Z"},{"value":"0.3328","scoring_system":"epss","scoring_elements":"0.96947","published_at":"2026-05-09T12:55:00Z"},{"value":"0.3328","scoring_system":"epss","scoring_elements":"0.96949","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4044"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=758754966791c537ea95241438454aa86f91f256","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=758754966791c537ea95241438454aa86f91f256"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=758754966791c537ea95241438454aa86f91f256","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=758754966791c537ea95241438454aa86f91f256"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2021-0129.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2021-0129.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20211229-0003","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20211229-0003"},{"reference_url":"https://security.netapp.com/advisory/ntap-20211229-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20211229-0003/"},{"reference_url":"https://www.openssl.org/news/secadv/20211214.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.openssl.org/news/secadv/20211214.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2033761","reference_id":"2033761","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2033761"},{"reference_url":"https://security.archlinux.org/AVG-2641","reference_id":"AVG-2641","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2641"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-4044","reference_id":"CVE-2021-4044","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-4044"},{"reference_url":"https://github.com/advisories/GHSA-mmjf-f5jw-w72q","reference_id":"GHSA-mmjf-f5jw-w72q","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mmjf-f5jw-w72q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2021-4044","GHSA-mmjf-f5jw-w72q"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6pd1-d9gx-kfc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84891?format=json","vulnerability_id":"VCID-6zka-x9q6-4fcy","summary":"openssl: excessive allocation of memory in dtls1_preprocess_fragment()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6308.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6308.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6308","reference_id":"","reference_type":"","scores":[{"value":"0.19367","scoring_system":"epss","scoring_elements":"0.9534","published_at":"2026-04-01T12:55:00Z"},{"value":"0.19367","scoring_system":"epss","scoring_elements":"0.95349","published_at":"2026-04-02T12:55:00Z"},{"value":"0.19367","scoring_system":"epss","scoring_elements":"0.95356","published_at":"2026-04-04T12:55:00Z"},{"value":"0.19367","scoring_system":"epss","scoring_elements":"0.9536","published_at":"2026-04-07T12:55:00Z"},{"value":"0.19367","scoring_system":"epss","scoring_elements":"0.95367","published_at":"2026-04-08T12:55:00Z"},{"value":"0.19367","scoring_system":"epss","scoring_elements":"0.9537","published_at":"2026-04-09T12:55:00Z"},{"value":"0.19367","scoring_system":"epss","scoring_elements":"0.95374","published_at":"2026-04-12T12:55:00Z"},{"value":"0.19367","scoring_system":"epss","scoring_elements":"0.95377","published_at":"2026-04-13T12:55:00Z"},{"value":"0.19367","scoring_system":"epss","scoring_elements":"0.95384","published_at":"2026-04-16T12:55:00Z"},{"value":"0.19367","scoring_system":"epss","scoring_elements":"0.95388","published_at":"2026-04-18T12:55:00Z"},{"value":"0.19367","scoring_system":"epss","scoring_elements":"0.95391","published_at":"2026-04-21T12:55:00Z"},{"value":"0.19367","scoring_system":"epss","scoring_elements":"0.95392","published_at":"2026-04-24T12:55:00Z"},{"value":"0.19367","scoring_system":"epss","scoring_elements":"0.95394","published_at":"2026-04-26T12:55:00Z"},{"value":"0.19367","scoring_system":"epss","scoring_elements":"0.95395","published_at":"2026-04-29T12:55:00Z"},{"value":"0.19367","scoring_system":"epss","scoring_elements":"0.95404","published_at":"2026-05-05T12:55:00Z"},{"value":"0.19367","scoring_system":"epss","scoring_elements":"0.95411","published_at":"2026-05-07T12:55:00Z"},{"value":"0.19367","scoring_system":"epss","scoring_elements":"0.95418","published_at":"2026-05-09T12:55:00Z"},{"value":"0.19367","scoring_system":"epss","scoring_elements":"0.95424","published_at":"2026-05-11T12:55:00Z"},{"value":"0.19367","scoring_system":"epss","scoring_elements":"0.95428","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6308"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1378208","reference_id":"1378208","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1378208"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2016-6308"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6zka-x9q6-4fcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46267?format=json","vulnerability_id":"VCID-71yj-bmak-pkdu","summary":"Multiple vulnerabilities have been discovered in OpenSSL, the worst of which could result in remote code execution.","references":[{"reference_url":"http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3602.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3602.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3602","reference_id":"","reference_type":"","scores":[{"value":"0.83219","scoring_system":"epss","scoring_elements":"0.99266","published_at":"2026-04-08T12:55:00Z"},{"value":"0.83219","scoring_system":"epss","scoring_elements":"0.99269","published_at":"2026-04-18T12:55:00Z"},{"value":"0.83219","scoring_system":"epss","scoring_elements":"0.99268","published_at":"2026-04-12T12:55:00Z"},{"value":"0.83219","scoring_system":"epss","scoring_elements":"0.99267","published_at":"2026-04-13T12:55:00Z"},{"value":"0.83219","scoring_system":"epss","scoring_elements":"0.99265","published_at":"2026-04-07T12:55:00Z"},{"value":"0.83219","scoring_system":"epss","scoring_elements":"0.99262","published_at":"2026-04-04T12:55:00Z"},{"value":"0.83219","scoring_system":"epss","scoring_elements":"0.99272","published_at":"2026-04-26T12:55:00Z"},{"value":"0.83219","scoring_system":"epss","scoring_elements":"0.99271","published_at":"2026-04-24T12:55:00Z"},{"value":"0.83219","scoring_system":"epss","scoring_elements":"0.99259","published_at":"2026-04-02T12:55:00Z"},{"value":"0.83506","scoring_system":"epss","scoring_elements":"0.99293","published_at":"2026-05-12T12:55:00Z"},{"value":"0.83506","scoring_system":"epss","scoring_elements":"0.99291","published_at":"2026-05-11T12:55:00Z"},{"value":"0.83506","scoring_system":"epss","scoring_elements":"0.9929","published_at":"2026-05-07T12:55:00Z"},{"value":"0.83506","scoring_system":"epss","scoring_elements":"0.99289","published_at":"2026-05-05T12:55:00Z"},{"value":"0.84357","scoring_system":"epss","scoring_elements":"0.99324","published_at":"2026-04-21T12:55:00Z"},{"value":"0.84616","scoring_system":"epss","scoring_elements":"0.99336","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3602"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/alexcrichton/openssl-src-rs","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/alexcrichton/openssl-src-rs"},{"reference_url":"https://github.com/alexcrichton/openssl-src-rs/commit/4a31c14f31e1a08c18893a37e304dd1dd4b7daa3","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/alexcrichton/openssl-src-rs/commit/4a31c14f31e1a08c18893a37e304dd1dd4b7daa3"},{"reference_url":"https://github.com/openssl/openssl/commit/fe3b639dc19b325846f4f6801f2f4604f56e3de3","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openssl/openssl/commit/fe3b639dc19b325846f4f6801f2f4604f56e3de3"},{"reference_url":"https://github.com/rustsec/advisory-db/pull/1452","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rustsec/advisory-db/pull/1452"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fe3b639dc19b325846f4f6801f2f4604f56e3de3","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fe3b639dc19b325846f4f6801f2f4604f56e3de3"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fe3b639dc19b325846f4f6801f2f4604f56e3de3","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fe3b639dc19b325846f4f6801f2f4604f56e3de3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3602","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3602"},{"reference_url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2022-0064.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2022-0064.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221102-0001","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20221102-0001"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a"},{"reference_url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00789.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00789.html"},{"reference_url":"https://www.kb.cert.org/vuls/id/794340","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"https://www.kb.cert.org/vuls/id/794340"},{"reference_url":"https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/","reference_id":"","reference_type":"","scores":[],"url":"https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/"},{"reference_url":"https://www.openssl.org/news/secadv/20221101.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"https://www.openssl.org/news/secadv/20221101.txt"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/01/15","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/01/15"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/01/16","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/01/16"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/01/17","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/01/17"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/01/18","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/01/18"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/01/19","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/01/19"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/01/20","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/01/20"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/01/21","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/01/21"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/01/24","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/01/24"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/10","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/10"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/11","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/11"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/12","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/12"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/13","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/13"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/14","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/14"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/15","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/15"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/3","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/5","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/7","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/7"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/9","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/9"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/03/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/03/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/03/10","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/03/10"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/03/11","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/03/11"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/03/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/03/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/03/3","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/03/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/03/5","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/03/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/03/6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/03/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/03/7","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/03/7"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/03/9","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/03/9"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2137723","reference_id":"2137723","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2137723"},{"reference_url":"https://github.com/advisories/GHSA-8rwr-x37p-mx23","reference_id":"GHSA-8rwr-x37p-mx23","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8rwr-x37p-mx23"},{"reference_url":"https://security.gentoo.org/glsa/202211-01","reference_id":"GLSA-202211-01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/"}],"url":"https://security.gentoo.org/glsa/202211-01"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7288","reference_id":"RHSA-2022:7288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7384","reference_id":"RHSA-2022:7384","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7384"},{"reference_url":"https://usn.ubuntu.com/5710-1/","reference_id":"USN-5710-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5710-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934046?format=json","purl":"pkg:deb/debian/openssl@3.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-3602","GHSA-8rwr-x37p-mx23"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-71yj-bmak-pkdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267365?format=json","vulnerability_id":"VCID-74wu-sup9-cybb","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28386.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28386.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28386","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.0506","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05044","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15147","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15809","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15772","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16112","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16108","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16065","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.15951","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1607","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17577","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.1754","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20611","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20625","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20609","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28386"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://openssl-library.org/news/secadv/20260407.txt","reference_id":"20260407.txt","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:15:21Z/"}],"url":"https://openssl-library.org/news/secadv/20260407.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451099","reference_id":"2451099","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451099"},{"reference_url":"https://github.com/openssl/openssl/commit/61f428a2fc6671ede184a19f71e6e495f0689621","reference_id":"61f428a2fc6671ede184a19f71e6e495f0689621","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:15:21Z/"}],"url":"https://github.com/openssl/openssl/commit/61f428a2fc6671ede184a19f71e6e495f0689621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7261","reference_id":"RHSA-2026:7261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7261"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-28386"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-74wu-sup9-cybb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64280?format=json","vulnerability_id":"VCID-7f9q-mhsr-8bfq","summary":"openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2673.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2673.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2673","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04507","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04363","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04379","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04398","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04439","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0444","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04467","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04503","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04504","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.1374","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.1379","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13759","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13722","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13672","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13801","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13857","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13657","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.14928","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.14919","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2673"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130650","reference_id":"1130650","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130650"},{"reference_url":"https://openssl-library.org/news/secadv/20260313.txt","reference_id":"20260313.txt","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:17:17Z/"}],"url":"https://openssl-library.org/news/secadv/20260313.txt"},{"reference_url":"https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f","reference_id":"2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:17:17Z/"}],"url":"https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447327","reference_id":"2447327","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447327"},{"reference_url":"https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34","reference_id":"85977e013f32ceb96aa034c0e741adddc1a05e34","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:17:17Z/"}],"url":"https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7261","reference_id":"RHSA-2026:7261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7261"},{"reference_url":"https://usn.ubuntu.com/8155-1/","reference_id":"USN-8155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8155-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1041989?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2673"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7f9q-mhsr-8bfq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267371?format=json","vulnerability_id":"VCID-87vs-4p6w-xbgq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31789.json","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31789.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-31789","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01203","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01206","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01574","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0157","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01559","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07303","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07287","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07277","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07309","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07443","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08227","published_at":"2026-05-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00557","published_at":"2026-05-12T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00562","published_at":"2026-05-11T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00889","published_at":"2026-04-21T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00883","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-31789"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31789"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://openssl-library.org/news/secadv/20260407.txt","reference_id":"20260407.txt","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/"}],"url":"https://openssl-library.org/news/secadv/20260407.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451095","reference_id":"2451095","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451095"},{"reference_url":"https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde","reference_id":"364f095b80601db632b0def6a33316967f863bde","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/"}],"url":"https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde"},{"reference_url":"https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf","reference_id":"7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/"}],"url":"https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf"},{"reference_url":"https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49","reference_id":"945b935ac66cc7f1a41f1b849c7c25adb5351f49","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/"}],"url":"https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49"},{"reference_url":"https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9","reference_id":"a24216018e1ede8ff01a4ff5afff7dfbd443e2f9","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/"}],"url":"https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9"},{"reference_url":"https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521","reference_id":"a91e537d16d74050dbde50bb0dfb1fe9930f0521","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/"}],"url":"https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7261","reference_id":"RHSA-2026:7261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7261"},{"reference_url":"https://usn.ubuntu.com/8155-1/","reference_id":"USN-8155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8155-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1041990?format=json","purl":"pkg:deb/debian/openssl@3.0.19-1~deb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.19-1~deb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1041989?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-31789"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-87vs-4p6w-xbgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/16380?format=json","vulnerability_id":"VCID-8s28-acfa-kkhj","summary":"NULL Pointer Dereference\nAn invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allow an attacker to cause a denial of service attack. The TLS implementation in OpenSSL does not call this function but applications might call the function if there are additional security requirements imposed by standards such as FIPS 140-3.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0217.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0217.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0217","reference_id":"","reference_type":"","scores":[{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.6821","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68199","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.6816","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68193","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.6812","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68182","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68167","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68115","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68138","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68207","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01029","scoring_system":"epss","scoring_elements":"0.77454","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01029","scoring_system":"epss","scoring_elements":"0.77335","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01029","scoring_system":"epss","scoring_elements":"0.7737","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01029","scoring_system":"epss","scoring_elements":"0.77376","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01029","scoring_system":"epss","scoring_elements":"0.77388","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01029","scoring_system":"epss","scoring_elements":"0.77397","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01029","scoring_system":"epss","scoring_elements":"0.77424","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01029","scoring_system":"epss","scoring_elements":"0.77447","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01029","scoring_system":"epss","scoring_elements":"0.77436","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0217"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=23985bac83fd50c8e29431009302b5442f985096","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:50Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=23985bac83fd50c8e29431009302b5442f985096"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2023-0012.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2023-0012.html"},{"reference_url":"https://security.gentoo.org/glsa/202402-08","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:50Z/"}],"url":"https://security.gentoo.org/glsa/202402-08"},{"reference_url":"https://www.openssl.org/news/secadv/20230207.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:50Z/"}],"url":"https://www.openssl.org/news/secadv/20230207.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164499","reference_id":"2164499","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164499"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0217","reference_id":"CVE-2023-0217","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0217"},{"reference_url":"https://github.com/advisories/GHSA-vxrh-cpg7-8vjr","reference_id":"GHSA-vxrh-cpg7-8vjr","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vxrh-cpg7-8vjr"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0946","reference_id":"RHSA-2023:0946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1199","reference_id":"RHSA-2023:1199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1199"},{"reference_url":"https://usn.ubuntu.com/5844-1/","reference_id":"USN-5844-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5844-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934048?format=json","purl":"pkg:deb/debian/openssl@3.0.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-0217","GHSA-vxrh-cpg7-8vjr"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8s28-acfa-kkhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/133033?format=json","vulnerability_id":"VCID-93qs-cwuv-13dc","summary":"OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows remote attackers to bypass X.509 certificate authentication via an arbitrary certificate issued by a legitimate Certification Authority.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1378","reference_id":"","reference_type":"","scores":[{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45469","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45445","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45573","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45649","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45668","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45615","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.4567","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45666","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45688","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45658","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45716","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45711","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45661","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45575","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45583","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45523","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45417","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45482","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45501","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1378"},{"reference_url":"http://support.apple.com/kb/HT4435","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT4435"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1378","reference_id":"CVE-2010-1378","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1378"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2010-1378"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-93qs-cwuv-13dc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53964?format=json","vulnerability_id":"VCID-99xj-17z4-1qhe","summary":"openssl-src heap memory corruption with RSA private key operation\nThe OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2274.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2274.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2274","reference_id":"","reference_type":"","scores":[{"value":"0.39689","scoring_system":"epss","scoring_elements":"0.97349","published_at":"2026-05-12T12:55:00Z"},{"value":"0.39689","scoring_system":"epss","scoring_elements":"0.97345","published_at":"2026-05-11T12:55:00Z"},{"value":"0.39689","scoring_system":"epss","scoring_elements":"0.97339","published_at":"2026-05-09T12:55:00Z"},{"value":"0.39689","scoring_system":"epss","scoring_elements":"0.97335","published_at":"2026-05-07T12:55:00Z"},{"value":"0.39689","scoring_system":"epss","scoring_elements":"0.9733","published_at":"2026-05-05T12:55:00Z"},{"value":"0.39689","scoring_system":"epss","scoring_elements":"0.97327","published_at":"2026-04-29T12:55:00Z"},{"value":"0.39689","scoring_system":"epss","scoring_elements":"0.97324","published_at":"2026-04-24T12:55:00Z"},{"value":"0.39689","scoring_system":"epss","scoring_elements":"0.97325","published_at":"2026-04-26T12:55:00Z"},{"value":"0.439","scoring_system":"epss","scoring_elements":"0.97517","published_at":"2026-04-04T12:55:00Z"},{"value":"0.439","scoring_system":"epss","scoring_elements":"0.97514","published_at":"2026-04-02T12:55:00Z"},{"value":"0.439","scoring_system":"epss","scoring_elements":"0.97519","published_at":"2026-04-07T12:55:00Z"},{"value":"0.439","scoring_system":"epss","scoring_elements":"0.97525","published_at":"2026-04-08T12:55:00Z"},{"value":"0.439","scoring_system":"epss","scoring_elements":"0.97526","published_at":"2026-04-09T12:55:00Z"},{"value":"0.439","scoring_system":"epss","scoring_elements":"0.97529","published_at":"2026-04-11T12:55:00Z"},{"value":"0.439","scoring_system":"epss","scoring_elements":"0.97531","published_at":"2026-04-12T12:55:00Z"},{"value":"0.439","scoring_system":"epss","scoring_elements":"0.97532","published_at":"2026-04-13T12:55:00Z"},{"value":"0.439","scoring_system":"epss","scoring_elements":"0.9754","published_at":"2026-04-16T12:55:00Z"},{"value":"0.439","scoring_system":"epss","scoring_elements":"0.97542","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2274"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/openssl/openssl/issues/18625","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openssl/openssl/issues/18625"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4d8a88c134df634ba610ff8db1eb8478ac5fd345","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4d8a88c134df634ba610ff8db1eb8478ac5fd345"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2274","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2274"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2022-0033.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2022-0033.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220715-0010","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220715-0010"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220715-0010/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20220715-0010/"},{"reference_url":"https://www.openssl.org/news/secadv/20220705.txt","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.openssl.org/news/secadv/20220705.txt"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013441","reference_id":"1013441","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013441"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2102943","reference_id":"2102943","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2102943"},{"reference_url":"https://github.com/advisories/GHSA-735f-pg76-fxc4","reference_id":"GHSA-735f-pg76-fxc4","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-735f-pg76-fxc4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934045?format=json","purl":"pkg:deb/debian/openssl@3.0.4-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-2274","GHSA-735f-pg76-fxc4"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-99xj-17z4-1qhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64851?format=json","vulnerability_id":"VCID-9b9g-yngp-7kd7","summary":"openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15469.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15469.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15469","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00295","published_at":"2026-04-02T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00411","published_at":"2026-05-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00396","published_at":"2026-04-18T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00422","published_at":"2026-05-05T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00423","published_at":"2026-04-24T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00424","published_at":"2026-04-26T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00419","published_at":"2026-05-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00426","published_at":"2026-05-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00416","published_at":"2026-05-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00292","published_at":"2026-04-04T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00405","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00402","published_at":"2026-04-08T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00403","published_at":"2026-04-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.004","published_at":"2026-04-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00398","published_at":"2026-04-13T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00392","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15469"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://openssl-library.org/news/secadv/20260127.txt","reference_id":"20260127.txt","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:54:00Z/"}],"url":"https://openssl-library.org/news/secadv/20260127.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2430378","reference_id":"2430378","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2430378"},{"reference_url":"https://github.com/openssl/openssl/commit/310f305eb92ea8040d6b3cb75a5feeba8e6acf2f","reference_id":"310f305eb92ea8040d6b3cb75a5feeba8e6acf2f","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:54:00Z/"}],"url":"https://github.com/openssl/openssl/commit/310f305eb92ea8040d6b3cb75a5feeba8e6acf2f"},{"reference_url":"https://github.com/openssl/openssl/commit/a7936fa4bd23c906e1955a16a0a0ab39a4953a61","reference_id":"a7936fa4bd23c906e1955a16a0a0ab39a4953a61","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T14:54:00Z/"}],"url":"https://github.com/openssl/openssl/commit/a7936fa4bd23c906e1955a16a0a0ab39a4953a61"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1472","reference_id":"RHSA-2026:1472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1473","reference_id":"RHSA-2026:1473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1736","reference_id":"RHSA-2026:1736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2485","reference_id":"RHSA-2026:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2563","reference_id":"RHSA-2026:2563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3228","reference_id":"RHSA-2026:3228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4943","reference_id":"RHSA-2026:4943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7261","reference_id":"RHSA-2026:7261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7261"},{"reference_url":"https://usn.ubuntu.com/7980-1/","reference_id":"USN-7980-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7980-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934070?format=json","purl":"pkg:deb/debian/openssl@3.5.4-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934069?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-15469"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9b9g-yngp-7kd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67394?format=json","vulnerability_id":"VCID-9nmg-h851-gfcq","summary":"openssl: Timing side-channel in SM2 algorithm on 64 bit ARM","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9231.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9231.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9231","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06101","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06027","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06085","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.061","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06197","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05928","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05996","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05962","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05973","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06124","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06137","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06169","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06176","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05961","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05945","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05984","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06022","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06013","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06005","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9231"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://openssl-library.org/news/secadv/20250930.txt","reference_id":"20250930.txt","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:27:45Z/"}],"url":"https://openssl-library.org/news/secadv/20250930.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396055","reference_id":"2396055","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396055"},{"reference_url":"https://github.com/openssl/openssl/commit/567f64386e43683888212226824b6a179885a0fe","reference_id":"567f64386e43683888212226824b6a179885a0fe","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:27:45Z/"}],"url":"https://github.com/openssl/openssl/commit/567f64386e43683888212226824b6a179885a0fe"},{"reference_url":"https://github.com/openssl/openssl/commit/cba616c26ac8e7b37de5e77762e505ba5ca51698","reference_id":"cba616c26ac8e7b37de5e77762e505ba5ca51698","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:27:45Z/"}],"url":"https://github.com/openssl/openssl/commit/cba616c26ac8e7b37de5e77762e505ba5ca51698"},{"reference_url":"https://github.com/openssl/openssl/commit/eed5adc9f969d77c94f213767acbb41ff923b6f4","reference_id":"eed5adc9f969d77c94f213767acbb41ff923b6f4","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:27:45Z/"}],"url":"https://github.com/openssl/openssl/commit/eed5adc9f969d77c94f213767acbb41ff923b6f4"},{"reference_url":"https://github.com/openssl/openssl/commit/fc47a2ec078912b3e914fab5734535e76c4820c2","reference_id":"fc47a2ec078912b3e914fab5734535e76c4820c2","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T19:27:45Z/"}],"url":"https://github.com/openssl/openssl/commit/fc47a2ec078912b3e914fab5734535e76c4820c2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7261","reference_id":"RHSA-2026:7261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7261"},{"reference_url":"https://usn.ubuntu.com/7786-1/","reference_id":"USN-7786-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7786-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934078?format=json","purl":"pkg:deb/debian/openssl@3.5.1-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.1-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934077?format=json","purl":"pkg:deb/debian/openssl@3.5.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-9231"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9nmg-h851-gfcq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/147775?format=json","vulnerability_id":"VCID-9umk-zzdr-1bbb","summary":"A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier uses a Trust Evaluation Agent (TEA) feature without terminating certain TLS/SSL handshakes as specified in the SSL_CTX_set_verify callback function's documentation, which allows remote attackers to bypass extra verification within a custom application via a crafted certificate chain that is acceptable to TEA but not acceptable to that application.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2234","reference_id":"","reference_type":"","scores":[{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29566","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29633","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29682","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29503","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29604","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29606","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29561","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29508","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29527","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29499","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29454","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29341","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29227","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29161","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29016","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29076","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29091","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29014","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29035","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2234"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2014-2234"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9umk-zzdr-1bbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18400?format=json","vulnerability_id":"VCID-b3u8-1a2y-judf","summary":"Improper Authentication\nIssue summary: The AES-SIV cipher implementation contains a bug that causes\nit to ignore empty associated data entries which are unauthenticated as\na consequence.\n\nImpact summary: Applications that use the AES-SIV algorithm and want to\nauthenticate empty data entries as associated data can be mislead by removing\nadding or reordering such empty entries as these are ignored by the OpenSSL\nimplementation. We are currently unaware of any such applications.\n\nThe AES-SIV algorithm allows for authentication of multiple associated\ndata entries along with the encryption. To authenticate empty data the\napplication has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with\nNULL pointer as the output buffer and 0 as the input buffer length.\nThe AES-SIV implementation in OpenSSL just returns success for such a call\ninstead of performing the associated data authentication operation.\nThe empty data thus will not be authenticated.\n\nAs this issue does not affect non-empty associated data authentication and\nwe expect it to be rare for an application to use empty associated data\nentries this is qualified as Low severity issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2975.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2975.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2975","reference_id":"","reference_type":"","scores":[{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40342","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40366","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40328","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40309","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40356","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40324","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40169","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40156","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40075","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.3994","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40008","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40023","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40367","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40292","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40343","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40354","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40899","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41516","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41542","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2975"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=00e2f5eea29994d19293ec4e8c8775ba73678598","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:23Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=00e2f5eea29994d19293ec4e8c8775ba73678598"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a83f0c958811f07e0d11dfc6b5a6a98edfd5bdc","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:23Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a83f0c958811f07e0d11dfc6b5a6a98edfd5bdc"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230725-0004/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20230725-0004/"},{"reference_url":"https://www.openssl.org/news/secadv/20230714.txt","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:23Z/"}],"url":"https://www.openssl.org/news/secadv/20230714.txt"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/07/15/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2023/07/15/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/07/19/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2023/07/19/5"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041818","reference_id":"1041818","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041818"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2223016","reference_id":"2223016","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2223016"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2975","reference_id":"CVE-2023-2975","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2975"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2447","reference_id":"RHSA-2024:2447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2447"},{"reference_url":"https://usn.ubuntu.com/6450-1/","reference_id":"USN-6450-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6450-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934051?format=json","purl":"pkg:deb/debian/openssl@3.0.10-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.10-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934052?format=json","purl":"pkg:deb/debian/openssl@3.0.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-2975"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b3u8-1a2y-judf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87095?format=json","vulnerability_id":"VCID-c2uj-69s7-jkbn","summary":"openssl: incomplete fix of CVE-2012-2110 for 0.9.x","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2131.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2131.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2131","reference_id":"","reference_type":"","scores":[{"value":"0.07856","scoring_system":"epss","scoring_elements":"0.91966","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07856","scoring_system":"epss","scoring_elements":"0.91974","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07856","scoring_system":"epss","scoring_elements":"0.91982","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07856","scoring_system":"epss","scoring_elements":"0.91988","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07856","scoring_system":"epss","scoring_elements":"0.92","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07856","scoring_system":"epss","scoring_elements":"0.92004","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07856","scoring_system":"epss","scoring_elements":"0.92007","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07856","scoring_system":"epss","scoring_elements":"0.92022","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07856","scoring_system":"epss","scoring_elements":"0.92019","published_at":"2026-04-26T12:55:00Z"},{"value":"0.07856","scoring_system":"epss","scoring_elements":"0.92016","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07856","scoring_system":"epss","scoring_elements":"0.9202","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07856","scoring_system":"epss","scoring_elements":"0.92015","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07856","scoring_system":"epss","scoring_elements":"0.92027","published_at":"2026-05-05T12:55:00Z"},{"value":"0.07856","scoring_system":"epss","scoring_elements":"0.9204","published_at":"2026-05-07T12:55:00Z"},{"value":"0.07856","scoring_system":"epss","scoring_elements":"0.92049","published_at":"2026-05-09T12:55:00Z"},{"value":"0.07856","scoring_system":"epss","scoring_elements":"0.9205","published_at":"2026-05-11T12:55:00Z"},{"value":"0.07856","scoring_system":"epss","scoring_elements":"0.92057","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2131"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=815661","reference_id":"815661","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=815661"},{"reference_url":"https://usn.ubuntu.com/1428-1/","reference_id":"USN-1428-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1428-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2012-2131"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c2uj-69s7-jkbn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267372?format=json","vulnerability_id":"VCID-cef8-2p5t-bff7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31790.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31790.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-31790","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01498","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04414","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03992","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03975","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03972","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04017","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0397","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04603","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04827","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0482","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04587","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0568","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06296","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06358","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06309","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-31790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31790"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac","reference_id":"001e01db3e996e13ffc72386fe79d03a6683b5ac","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/"}],"url":"https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac"},{"reference_url":"https://openssl-library.org/news/secadv/20260407.txt","reference_id":"20260407.txt","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/"}],"url":"https://openssl-library.org/news/secadv/20260407.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451094","reference_id":"2451094","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451094"},{"reference_url":"https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482","reference_id":"abd8b2eec7e3f3fda60ecfb68498b246b52af482","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/"}],"url":"https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482"},{"reference_url":"https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406","reference_id":"b922e24e5b23ffb9cb9e14cadff23d91e9f7e406","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/"}],"url":"https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406"},{"reference_url":"https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790","reference_id":"d5f8e71cd0a54e961d0c3b174348f8308486f790","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/"}],"url":"https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790"},{"reference_url":"https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e","reference_id":"eed200f58cd8645ed77e46b7e9f764e284df379e","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/"}],"url":"https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12195","reference_id":"RHSA-2026:12195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7261","reference_id":"RHSA-2026:7261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7261"},{"reference_url":"https://usn.ubuntu.com/8155-1/","reference_id":"USN-8155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8155-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1041990?format=json","purl":"pkg:deb/debian/openssl@3.0.19-1~deb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.19-1~deb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1041989?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-31790"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cef8-2p5t-bff7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35745?format=json","vulnerability_id":"VCID-cjvp-qu4p-gyb3","summary":"Multiple vulnerabilities were found in OpenSSL, allowing for the\n    execution of arbitrary code and other attacks.","references":[{"reference_url":"http://cvs.openssl.org/chngview?cn=20098","reference_id":"","reference_type":"","scores":[],"url":"http://cvs.openssl.org/chngview?cn=20098"},{"reference_url":"http://marc.info/?l=bugtraq&m=129916880600544&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=129916880600544&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=130497251507577&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=130497251507577&w=2"},{"reference_url":"http://openssl.org/news/secadv_20101202.txt","reference_id":"","reference_type":"","scores":[],"url":"http://openssl.org/news/secadv_20101202.txt"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4252.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4252.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4252","reference_id":"","reference_type":"","scores":[{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82952","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82736","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82752","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82765","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82762","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82788","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82794","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82811","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82806","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82801","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82841","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.8284","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82843","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82865","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82874","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82878","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82898","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82918","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82939","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82937","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4252"},{"reference_url":"http://seb.dbzteam.org/crypto/jpake-session-key-retrieval.pdf","reference_id":"","reference_type":"","scores":[],"url":"http://seb.dbzteam.org/crypto/jpake-session-key-retrieval.pdf"},{"reference_url":"http://secunia.com/advisories/42469","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42469"},{"reference_url":"http://secunia.com/advisories/57353","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/57353"},{"reference_url":"http://securitytracker.com/id?1024823","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1024823"},{"reference_url":"https://github.com/seb-m/jpake","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/seb-m/jpake"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19039","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19039"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"},{"reference_url":"http://www.securityfocus.com/bid/45163","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/45163"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3120","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/3120"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3122","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/3122"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=659297","reference_id":"659297","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=659297"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4252","reference_id":"CVE-2010-4252","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4252"},{"reference_url":"https://security.gentoo.org/glsa/201110-01","reference_id":"GLSA-201110-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2010-4252"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cjvp-qu4p-gyb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64844?format=json","vulnerability_id":"VCID-d4rs-rag3-cfcy","summary":"openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15467.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15467.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15467","reference_id":"","reference_type":"","scores":[{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72078","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72116","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72127","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.7215","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72135","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.7212","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72161","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72169","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72155","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72198","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72207","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72202","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00819","scoring_system":"epss","scoring_elements":"0.74333","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00819","scoring_system":"epss","scoring_elements":"0.7436","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.76291","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.7632","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02099","scoring_system":"epss","scoring_elements":"0.8418","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02099","scoring_system":"epss","scoring_elements":"0.84198","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02099","scoring_system":"epss","scoring_elements":"0.84181","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15467"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://openssl-library.org/news/secadv/20260127.txt","reference_id":"20260127.txt","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-19T18:39:38Z/"}],"url":"https://openssl-library.org/news/secadv/20260127.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2430376","reference_id":"2430376","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2430376"},{"reference_url":"https://github.com/openssl/openssl/commit/2c8f0e5fa9b6ee5508a0349e4572ddb74db5a703","reference_id":"2c8f0e5fa9b6ee5508a0349e4572ddb74db5a703","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-19T18:39:38Z/"}],"url":"https://github.com/openssl/openssl/commit/2c8f0e5fa9b6ee5508a0349e4572ddb74db5a703"},{"reference_url":"https://github.com/openssl/openssl/commit/5f26d4202f5b89664c5c3f3c62086276026ba9a9","reference_id":"5f26d4202f5b89664c5c3f3c62086276026ba9a9","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-19T18:39:38Z/"}],"url":"https://github.com/openssl/openssl/commit/5f26d4202f5b89664c5c3f3c62086276026ba9a9"},{"reference_url":"https://github.com/openssl/openssl/commit/6ced0fe6b10faa560e410e3ee8d6c82f06c65ea3","reference_id":"6ced0fe6b10faa560e410e3ee8d6c82f06c65ea3","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-19T18:39:38Z/"}],"url":"https://github.com/openssl/openssl/commit/6ced0fe6b10faa560e410e3ee8d6c82f06c65ea3"},{"reference_url":"https://github.com/openssl/openssl/commit/ce39170276daec87f55c39dad1f629b56344429e","reference_id":"ce39170276daec87f55c39dad1f629b56344429e","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-19T18:39:38Z/"}],"url":"https://github.com/openssl/openssl/commit/ce39170276daec87f55c39dad1f629b56344429e"},{"reference_url":"https://github.com/openssl/openssl/commit/d0071a0799f20cc8101730145349ed4487c268dc","reference_id":"d0071a0799f20cc8101730145349ed4487c268dc","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-19T18:39:38Z/"}],"url":"https://github.com/openssl/openssl/commit/d0071a0799f20cc8101730145349ed4487c268dc"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1472","reference_id":"RHSA-2026:1472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1473","reference_id":"RHSA-2026:1473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1496","reference_id":"RHSA-2026:1496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1503","reference_id":"RHSA-2026:1503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1519","reference_id":"RHSA-2026:1519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1519"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1594","reference_id":"RHSA-2026:1594","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1594"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1733","reference_id":"RHSA-2026:1733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1736","reference_id":"RHSA-2026:1736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2072","reference_id":"RHSA-2026:2072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2077","reference_id":"RHSA-2026:2077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2485","reference_id":"RHSA-2026:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2563","reference_id":"RHSA-2026:2563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2633","reference_id":"RHSA-2026:2633","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2633"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2659","reference_id":"RHSA-2026:2659","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2659"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2671","reference_id":"RHSA-2026:2671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2844","reference_id":"RHSA-2026:2844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2974","reference_id":"RHSA-2026:2974","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2974"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2995","reference_id":"RHSA-2026:2995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3228","reference_id":"RHSA-2026:3228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3415","reference_id":"RHSA-2026:3415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3461","reference_id":"RHSA-2026:3461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3462","reference_id":"RHSA-2026:3462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4419","reference_id":"RHSA-2026:4419","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4419"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4943","reference_id":"RHSA-2026:4943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6481","reference_id":"RHSA-2026:6481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7261","reference_id":"RHSA-2026:7261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7261"},{"reference_url":"https://usn.ubuntu.com/7980-1/","reference_id":"USN-7980-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7980-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934071?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934070?format=json","purl":"pkg:deb/debian/openssl@3.5.4-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934069?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-15467"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d4rs-rag3-cfcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64852?format=json","vulnerability_id":"VCID-g8at-dasq-h3fb","summary":"openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66199.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66199.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-66199","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20166","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20107","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2058","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2071","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.207","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20696","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20688","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20575","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20571","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2054","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2043","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20502","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2059","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20566","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20649","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20726","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20786","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20804","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20762","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-66199"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://openssl-library.org/news/secadv/20260127.txt","reference_id":"20260127.txt","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:03:12Z/"}],"url":"https://openssl-library.org/news/secadv/20260127.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2430379","reference_id":"2430379","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2430379"},{"reference_url":"https://github.com/openssl/openssl/commit/3ed1f75249932b155eef993a8e66a99cb98bfef4","reference_id":"3ed1f75249932b155eef993a8e66a99cb98bfef4","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:03:12Z/"}],"url":"https://github.com/openssl/openssl/commit/3ed1f75249932b155eef993a8e66a99cb98bfef4"},{"reference_url":"https://github.com/openssl/openssl/commit/6184a4fb08ee6d7bca570d931a4e8bef40b64451","reference_id":"6184a4fb08ee6d7bca570d931a4e8bef40b64451","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:03:12Z/"}],"url":"https://github.com/openssl/openssl/commit/6184a4fb08ee6d7bca570d931a4e8bef40b64451"},{"reference_url":"https://github.com/openssl/openssl/commit/895150b5e021d16b52fb32b97e1dd12f20448be5","reference_id":"895150b5e021d16b52fb32b97e1dd12f20448be5","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:03:12Z/"}],"url":"https://github.com/openssl/openssl/commit/895150b5e021d16b52fb32b97e1dd12f20448be5"},{"reference_url":"https://github.com/openssl/openssl/commit/966a2478046c311ed7dae50c457d0db4cafbf7e4","reference_id":"966a2478046c311ed7dae50c457d0db4cafbf7e4","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T15:03:12Z/"}],"url":"https://github.com/openssl/openssl/commit/966a2478046c311ed7dae50c457d0db4cafbf7e4"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1472","reference_id":"RHSA-2026:1472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1473","reference_id":"RHSA-2026:1473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1736","reference_id":"RHSA-2026:1736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2485","reference_id":"RHSA-2026:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2563","reference_id":"RHSA-2026:2563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3228","reference_id":"RHSA-2026:3228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4943","reference_id":"RHSA-2026:4943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7261","reference_id":"RHSA-2026:7261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7261"},{"reference_url":"https://usn.ubuntu.com/7980-1/","reference_id":"USN-7980-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7980-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934070?format=json","purl":"pkg:deb/debian/openssl@3.5.4-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934069?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-66199"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g8at-dasq-h3fb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/26448?format=json","vulnerability_id":"VCID-gqj1-zam7-c3bv","summary":"Vulnerable OpenSSL included in cryptography wheels\npyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 42.0.0-44.0.0 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://openssl-library.org/news/secadv/20250211.txt.\n\nIf you are building cryptography source (\"sdist\") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) need to update their cryptography versions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12797.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12797.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-12797","reference_id":"","reference_type":"","scores":[{"value":"0.00577","scoring_system":"epss","scoring_elements":"0.68874","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00577","scoring_system":"epss","scoring_elements":"0.68881","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00593","scoring_system":"epss","scoring_elements":"0.69342","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00722","scoring_system":"epss","scoring_elements":"0.72644","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00722","scoring_system":"epss","scoring_elements":"0.7262","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00722","scoring_system":"epss","scoring_elements":"0.72589","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00722","scoring_system":"epss","scoring_elements":"0.72635","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00722","scoring_system":"epss","scoring_elements":"0.72608","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00773","scoring_system":"epss","scoring_elements":"0.73551","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00773","scoring_system":"epss","scoring_elements":"0.73528","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00773","scoring_system":"epss","scoring_elements":"0.73523","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00773","scoring_system":"epss","scoring_elements":"0.73559","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00773","scoring_system":"epss","scoring_elements":"0.73572","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00773","scoring_system":"epss","scoring_elements":"0.73595","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00773","scoring_system":"epss","scoring_elements":"0.73578","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00773","scoring_system":"epss","scoring_elements":"0.7357","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00773","scoring_system":"epss","scoring_elements":"0.73613","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00773","scoring_system":"epss","scoring_elements":"0.73622","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00773","scoring_system":"epss","scoring_elements":"0.73614","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-12797"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/openssl/openssl/commit/738d4f9fdeaad57660dcba50a619fafced3fd5e9","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T20:24:14Z/"}],"url":"https://github.com/openssl/openssl/commit/738d4f9fdeaad57660dcba50a619fafced3fd5e9"},{"reference_url":"https://github.com/openssl/openssl/commit/798779d43494549b611233f92652f0da5328fbe7","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T20:24:14Z/"}],"url":"https://github.com/openssl/openssl/commit/798779d43494549b611233f92652f0da5328fbe7"},{"reference_url":"https://github.com/openssl/openssl/commit/87ebd203feffcf92ad5889df92f90bb0ee10a699","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T20:24:14Z/"}],"url":"https://github.com/openssl/openssl/commit/87ebd203feffcf92ad5889df92f90bb0ee10a699"},{"reference_url":"https://github.com/pyca/cryptography","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography"},{"reference_url":"https://github.com/pyca/cryptography/security/advisories/GHSA-79v4-65xg-pq4g","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pyca/cryptography/security/advisories/GHSA-79v4-65xg-pq4g"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-12797","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-12797"},{"reference_url":"https://openssl-library.org/news/secadv/20250211.txt","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T20:24:14Z/"}],"url":"https://openssl-library.org/news/secadv/20250211.txt"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/02/11/3","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/02/11/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/02/11/4","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/02/11/4"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095765","reference_id":"1095765","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095765"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2342757","reference_id":"2342757","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2342757"},{"reference_url":"https://github.com/advisories/GHSA-79v4-65xg-pq4g","reference_id":"GHSA-79v4-65xg-pq4g","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-79v4-65xg-pq4g"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1330","reference_id":"RHSA-2025:1330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1330"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1487","reference_id":"RHSA-2025:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1925","reference_id":"RHSA-2025:1925","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1925"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1985","reference_id":"RHSA-2025:1985","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1985"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2754","reference_id":"RHSA-2025:2754","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2754"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4005","reference_id":"RHSA-2025:4005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9895","reference_id":"RHSA-2025:9895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9895"},{"reference_url":"https://usn.ubuntu.com/7264-1/","reference_id":"USN-7264-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7264-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934060?format=json","purl":"pkg:deb/debian/openssl@3.4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-12797","GHSA-79v4-65xg-pq4g"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gqj1-zam7-c3bv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/266405?format=json","vulnerability_id":"VCID-gxy4-4rja-ufd2","summary":"certificate verification bypass","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4575","reference_id":"","reference_type":"","scores":[{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22726","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22687","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22684","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22581","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22666","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22744","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.2271","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23003","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23046","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22838","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22912","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22964","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22982","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22945","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22889","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22903","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22896","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22857","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22693","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4575"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106322","reference_id":"1106322","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106322"},{"reference_url":"https://openssl-library.org/news/secadv/20250522.txt","reference_id":"20250522.txt","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-22T14:30:40Z/"}],"url":"https://openssl-library.org/news/secadv/20250522.txt"},{"reference_url":"https://security.archlinux.org/AVG-2882","reference_id":"AVG-2882","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2882"},{"reference_url":"https://github.com/openssl/openssl/commit/e96d22446e633d117e6c9904cb15b4693e956eaa","reference_id":"e96d22446e633d117e6c9904cb15b4693e956eaa","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-22T14:30:40Z/"}],"url":"https://github.com/openssl/openssl/commit/e96d22446e633d117e6c9904cb15b4693e956eaa"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934073?format=json","purl":"pkg:deb/debian/openssl@3.5.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-4575"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gxy4-4rja-ufd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19612?format=json","vulnerability_id":"VCID-h6n1-tsqt-17bw","summary":"Generation of Weak Initialization Vector (IV)\nIssue summary: A bug has been identified in the processing of key and\ninitialisation vector (IV) lengths. This can lead to potential truncation\nor overruns during the initialisation of some symmetric ciphers.\n\nImpact summary: A truncation in the IV can result in non-uniqueness,\nwhich could result in loss of confidentiality for some cipher modes.\n\nWhen calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or\nEVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after\nthe key and IV have been established. Any alterations to the key length,\nvia the \"keylen\" parameter or the IV length, via the \"ivlen\" parameter,\nwithin the OSSL_PARAM array will not take effect as intended, potentially\ncausing truncation or overreading of these values. The following ciphers\nand cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB.\n\nFor the CCM, GCM and OCB cipher modes, truncation of the IV can result in\nloss of confidentiality. For example, when following NIST's SP 800-38D\nsection 8.2.1 guidance for constructing a deterministic IV for AES in\nGCM mode, truncation of the counter portion could lead to IV reuse.\n\nBoth truncations and overruns of the key and overruns of the IV will\nproduce incorrect results and could, in some cases, trigger a memory\nexception. However, these issues are not currently assessed as security\ncritical.\n\nChanging the key and/or IV lengths is not considered to be a common operation\nand the vulnerable API was recently introduced. Furthermore it is likely that\napplication developers will have spotted this problem during testing since\ndecryption would fail unless both peers in the communication were similarly\nvulnerable. For these reasons we expect the probability of an application being\nvulnerable to this to be quite low. However if an application is vulnerable then\nthis issue is considered very serious. For these reasons we have assessed this\nissue as Moderate severity overall.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because\nthe issue lies outside of the FIPS provider boundary.\n\nOpenSSL 3.1 and 3.0 is vulnerable to this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5363.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5363.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5363","reference_id":"","reference_type":"","scores":[{"value":"0.04745","scoring_system":"epss","scoring_elements":"0.89416","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04745","scoring_system":"epss","scoring_elements":"0.89383","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04745","scoring_system":"epss","scoring_elements":"0.89394","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04745","scoring_system":"epss","scoring_elements":"0.89396","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04745","scoring_system":"epss","scoring_elements":"0.89412","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04745","scoring_system":"epss","scoring_elements":"0.89425","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04745","scoring_system":"epss","scoring_elements":"0.89423","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04745","scoring_system":"epss","scoring_elements":"0.89419","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04745","scoring_system":"epss","scoring_elements":"0.89434","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04745","scoring_system":"epss","scoring_elements":"0.89435","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04745","scoring_system":"epss","scoring_elements":"0.89448","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04745","scoring_system":"epss","scoring_elements":"0.89452","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04745","scoring_system":"epss","scoring_elements":"0.89454","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04745","scoring_system":"epss","scoring_elements":"0.89462","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0487","scoring_system":"epss","scoring_elements":"0.89569","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0487","scoring_system":"epss","scoring_elements":"0.89614","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0487","scoring_system":"epss","scoring_elements":"0.89623","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0487","scoring_system":"epss","scoring_elements":"0.89627","published_at":"2026-05-09T12:55:00Z"},{"value":"0.06469","scoring_system":"epss","scoring_elements":"0.91163","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0df40630850fb2740e6be6890bb905d3fc623b2d","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:15:36Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0df40630850fb2740e6be6890bb905d3fc623b2d"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5f69f5c65e483928c4b28ed16af6e5742929f1ee","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:15:36Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5f69f5c65e483928c4b28ed16af6e5742929f1ee"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231027-0010/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20231027-0010/"},{"reference_url":"https://www.debian.org/security/2023/dsa-5532","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2023/dsa-5532"},{"reference_url":"https://www.openssl.org/news/secadv/20231024.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:15:36Z/"}],"url":"https://www.openssl.org/news/secadv/20231024.txt"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/24/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2023/10/24/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2243839","reference_id":"2243839","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2243839"},{"reference_url":"https://security.archlinux.org/AVG-2848","reference_id":"AVG-2848","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2848"},{"reference_url":"https://security.archlinux.org/AVG-2849","reference_id":"AVG-2849","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2849"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5363","reference_id":"CVE-2023-5363","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0310","reference_id":"RHSA-2024:0310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0310"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0500","reference_id":"RHSA-2024:0500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1383","reference_id":"RHSA-2024:1383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1383"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2094","reference_id":"RHSA-2024:2094","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2094"},{"reference_url":"https://usn.ubuntu.com/6450-1/","reference_id":"USN-6450-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6450-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934054?format=json","purl":"pkg:deb/debian/openssl@3.0.11-1~deb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.11-1~deb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934055?format=json","purl":"pkg:deb/debian/openssl@3.0.12-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.12-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-5363"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h6n1-tsqt-17bw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64849?format=json","vulnerability_id":"VCID-j51b-cm37-6fdj","summary":"openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11187.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11187.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11187","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00356","published_at":"2026-04-04T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00354","published_at":"2026-04-02T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00503","published_at":"2026-05-12T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00481","published_at":"2026-04-12T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00483","published_at":"2026-04-13T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0048","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00485","published_at":"2026-04-18T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00516","published_at":"2026-04-21T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00512","published_at":"2026-05-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00513","published_at":"2026-04-29T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00518","published_at":"2026-05-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00505","published_at":"2026-05-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00488","published_at":"2026-04-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00486","published_at":"2026-04-08T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00484","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11187"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://openssl-library.org/news/secadv/20260127.txt","reference_id":"20260127.txt","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-20T03:55:43Z/"}],"url":"https://openssl-library.org/news/secadv/20260127.txt"},{"reference_url":"https://github.com/openssl/openssl/commit/205e3a55e16e4bd08c12fdbd3416ab829c0f6206","reference_id":"205e3a55e16e4bd08c12fdbd3416ab829c0f6206","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-20T03:55:43Z/"}],"url":"https://github.com/openssl/openssl/commit/205e3a55e16e4bd08c12fdbd3416ab829c0f6206"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2430375","reference_id":"2430375","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2430375"},{"reference_url":"https://github.com/openssl/openssl/commit/8caf359d6e46fb413e8f5f0df765d2e8a51df4e8","reference_id":"8caf359d6e46fb413e8f5f0df765d2e8a51df4e8","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-20T03:55:43Z/"}],"url":"https://github.com/openssl/openssl/commit/8caf359d6e46fb413e8f5f0df765d2e8a51df4e8"},{"reference_url":"https://github.com/openssl/openssl/commit/e1079bc17ed93ff16f6b86f33a2fe3336e78817e","reference_id":"e1079bc17ed93ff16f6b86f33a2fe3336e78817e","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-20T03:55:43Z/"}],"url":"https://github.com/openssl/openssl/commit/e1079bc17ed93ff16f6b86f33a2fe3336e78817e"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1472","reference_id":"RHSA-2026:1472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1473","reference_id":"RHSA-2026:1473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1496","reference_id":"RHSA-2026:1496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1736","reference_id":"RHSA-2026:1736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2485","reference_id":"RHSA-2026:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2563","reference_id":"RHSA-2026:2563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3228","reference_id":"RHSA-2026:3228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4943","reference_id":"RHSA-2026:4943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7261","reference_id":"RHSA-2026:7261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7261"},{"reference_url":"https://usn.ubuntu.com/7980-1/","reference_id":"USN-7980-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7980-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934070?format=json","purl":"pkg:deb/debian/openssl@3.5.4-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.4-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934069?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-11187"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j51b-cm37-6fdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34919?format=json","vulnerability_id":"VCID-jv1d-sb5f-xfga","summary":"Multiple vulnerabilities have been found in OpenSSL that can result\n    in either Denial of Service or information disclosure.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0208.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0208.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0208","reference_id":"","reference_type":"","scores":[{"value":"0.28158","scoring_system":"epss","scoring_elements":"0.96461","published_at":"2026-04-01T12:55:00Z"},{"value":"0.28158","scoring_system":"epss","scoring_elements":"0.96469","published_at":"2026-04-02T12:55:00Z"},{"value":"0.28158","scoring_system":"epss","scoring_elements":"0.96474","published_at":"2026-04-04T12:55:00Z"},{"value":"0.28158","scoring_system":"epss","scoring_elements":"0.96478","published_at":"2026-04-07T12:55:00Z"},{"value":"0.28158","scoring_system":"epss","scoring_elements":"0.96486","published_at":"2026-04-08T12:55:00Z"},{"value":"0.28158","scoring_system":"epss","scoring_elements":"0.96489","published_at":"2026-04-09T12:55:00Z"},{"value":"0.28158","scoring_system":"epss","scoring_elements":"0.96493","published_at":"2026-04-11T12:55:00Z"},{"value":"0.28158","scoring_system":"epss","scoring_elements":"0.96494","published_at":"2026-04-12T12:55:00Z"},{"value":"0.28158","scoring_system":"epss","scoring_elements":"0.96496","published_at":"2026-04-13T12:55:00Z"},{"value":"0.28158","scoring_system":"epss","scoring_elements":"0.96502","published_at":"2026-04-16T12:55:00Z"},{"value":"0.28158","scoring_system":"epss","scoring_elements":"0.96507","published_at":"2026-04-18T12:55:00Z"},{"value":"0.28158","scoring_system":"epss","scoring_elements":"0.96509","published_at":"2026-04-24T12:55:00Z"},{"value":"0.28158","scoring_system":"epss","scoring_elements":"0.96511","published_at":"2026-04-26T12:55:00Z"},{"value":"0.28158","scoring_system":"epss","scoring_elements":"0.96512","published_at":"2026-04-29T12:55:00Z"},{"value":"0.28158","scoring_system":"epss","scoring_elements":"0.96519","published_at":"2026-05-05T12:55:00Z"},{"value":"0.28158","scoring_system":"epss","scoring_elements":"0.96521","published_at":"2026-05-07T12:55:00Z"},{"value":"0.28158","scoring_system":"epss","scoring_elements":"0.96527","published_at":"2026-05-09T12:55:00Z"},{"value":"0.28158","scoring_system":"epss","scoring_elements":"0.96529","published_at":"2026-05-11T12:55:00Z"},{"value":"0.28158","scoring_system":"epss","scoring_elements":"0.96534","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0208"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202369","reference_id":"1202369","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202369"},{"reference_url":"https://security.gentoo.org/glsa/201503-11","reference_id":"GLSA-201503-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2015-0208"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jv1d-sb5f-xfga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62398?format=json","vulnerability_id":"VCID-jw9j-13y5-fkdw","summary":"Multiple vulnerabilities have been found in OpenSSL, the worst of\n    which allows attackers to conduct a time based side-channel attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6305.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6305.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6305","reference_id":"","reference_type":"","scores":[{"value":"0.2493","scoring_system":"epss","scoring_elements":"0.96207","published_at":"2026-05-12T12:55:00Z"},{"value":"0.2493","scoring_system":"epss","scoring_elements":"0.96174","published_at":"2026-04-21T12:55:00Z"},{"value":"0.2493","scoring_system":"epss","scoring_elements":"0.96176","published_at":"2026-04-24T12:55:00Z"},{"value":"0.2493","scoring_system":"epss","scoring_elements":"0.96177","published_at":"2026-04-29T12:55:00Z"},{"value":"0.2493","scoring_system":"epss","scoring_elements":"0.96186","published_at":"2026-05-05T12:55:00Z"},{"value":"0.2493","scoring_system":"epss","scoring_elements":"0.96194","published_at":"2026-05-07T12:55:00Z"},{"value":"0.2493","scoring_system":"epss","scoring_elements":"0.96199","published_at":"2026-05-09T12:55:00Z"},{"value":"0.2493","scoring_system":"epss","scoring_elements":"0.96202","published_at":"2026-05-11T12:55:00Z"},{"value":"0.32972","scoring_system":"epss","scoring_elements":"0.96891","published_at":"2026-04-13T12:55:00Z"},{"value":"0.32972","scoring_system":"epss","scoring_elements":"0.96898","published_at":"2026-04-16T12:55:00Z"},{"value":"0.32972","scoring_system":"epss","scoring_elements":"0.96902","published_at":"2026-04-18T12:55:00Z"},{"value":"0.32972","scoring_system":"epss","scoring_elements":"0.96858","published_at":"2026-04-01T12:55:00Z"},{"value":"0.32972","scoring_system":"epss","scoring_elements":"0.96866","published_at":"2026-04-02T12:55:00Z"},{"value":"0.32972","scoring_system":"epss","scoring_elements":"0.96871","published_at":"2026-04-04T12:55:00Z"},{"value":"0.32972","scoring_system":"epss","scoring_elements":"0.96876","published_at":"2026-04-07T12:55:00Z"},{"value":"0.32972","scoring_system":"epss","scoring_elements":"0.96884","published_at":"2026-04-08T12:55:00Z"},{"value":"0.32972","scoring_system":"epss","scoring_elements":"0.96885","published_at":"2026-04-09T12:55:00Z"},{"value":"0.32972","scoring_system":"epss","scoring_elements":"0.96888","published_at":"2026-04-11T12:55:00Z"},{"value":"0.32972","scoring_system":"epss","scoring_elements":"0.9689","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6305"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1378127","reference_id":"1378127","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1378127"},{"reference_url":"https://security.gentoo.org/glsa/201612-16","reference_id":"GLSA-201612-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2016-6305"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jw9j-13y5-fkdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52632?format=json","vulnerability_id":"VCID-ncw4-3azc-1fb5","summary":"Denial of service by double-checked locking in openssl-src\nIf an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy processing being enabled on a publicly facing server is not considered to be a common setup. Policy processing is enabled by passing the `-policy' argument to the command line utilities or by calling either `X509_VERIFY_PARAM_add0_policy()' or `X509_VERIFY_PARAM_set1_policies()' functions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3996.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3996.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3996","reference_id":"","reference_type":"","scores":[{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38183","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38159","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38247","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38238","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38168","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38284","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38376","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38401","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38559","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38661","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38614","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38657","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38606","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38667","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38651","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38639","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38677","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38675","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3996"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/alexcrichton/openssl-src-rs","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/alexcrichton/openssl-src-rs"},{"reference_url":"https://github.com/openssl/openssl/commit/7725e7bfe6f2ce8146b6552b44e0d226be7638e7","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-01T21:11:25Z/"}],"url":"https://github.com/openssl/openssl/commit/7725e7bfe6f2ce8146b6552b44e0d226be7638e7"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3996","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3996"},{"reference_url":"https://www.openssl.org/news/secadv/20221213.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-01T21:11:25Z/"}],"url":"https://www.openssl.org/news/secadv/20221213.txt"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027102","reference_id":"1027102","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027102"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2153239","reference_id":"2153239","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2153239"},{"reference_url":"https://github.com/advisories/GHSA-vr8j-hgmm-jh9r","reference_id":"GHSA-vr8j-hgmm-jh9r","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vr8j-hgmm-jh9r"},{"reference_url":"https://usn.ubuntu.com/6039-1/","reference_id":"USN-6039-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6039-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934047?format=json","purl":"pkg:deb/debian/openssl@3.0.7-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.7-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-3996","GHSA-vr8j-hgmm-jh9r"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ncw4-3azc-1fb5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35738?format=json","vulnerability_id":"VCID-pe34-qqqg-3qe1","summary":"Multiple vulnerabilities were found in OpenSSL, allowing for the\n    execution of arbitrary code and other attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0433.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0433.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0433","reference_id":"","reference_type":"","scores":[{"value":"0.17272","scoring_system":"epss","scoring_elements":"0.95002","published_at":"2026-04-01T12:55:00Z"},{"value":"0.17272","scoring_system":"epss","scoring_elements":"0.95011","published_at":"2026-04-02T12:55:00Z"},{"value":"0.17272","scoring_system":"epss","scoring_elements":"0.95013","published_at":"2026-04-04T12:55:00Z"},{"value":"0.17272","scoring_system":"epss","scoring_elements":"0.95015","published_at":"2026-04-07T12:55:00Z"},{"value":"0.17272","scoring_system":"epss","scoring_elements":"0.95024","published_at":"2026-04-08T12:55:00Z"},{"value":"0.17272","scoring_system":"epss","scoring_elements":"0.95027","published_at":"2026-04-09T12:55:00Z"},{"value":"0.17272","scoring_system":"epss","scoring_elements":"0.95033","published_at":"2026-04-11T12:55:00Z"},{"value":"0.17272","scoring_system":"epss","scoring_elements":"0.95035","published_at":"2026-04-12T12:55:00Z"},{"value":"0.17272","scoring_system":"epss","scoring_elements":"0.95037","published_at":"2026-04-13T12:55:00Z"},{"value":"0.17272","scoring_system":"epss","scoring_elements":"0.95046","published_at":"2026-04-16T12:55:00Z"},{"value":"0.17272","scoring_system":"epss","scoring_elements":"0.9505","published_at":"2026-04-18T12:55:00Z"},{"value":"0.17272","scoring_system":"epss","scoring_elements":"0.95052","published_at":"2026-04-24T12:55:00Z"},{"value":"0.17272","scoring_system":"epss","scoring_elements":"0.95051","published_at":"2026-04-26T12:55:00Z"},{"value":"0.17272","scoring_system":"epss","scoring_elements":"0.95053","published_at":"2026-04-29T12:55:00Z"},{"value":"0.17272","scoring_system":"epss","scoring_elements":"0.95063","published_at":"2026-05-05T12:55:00Z"},{"value":"0.17272","scoring_system":"epss","scoring_elements":"0.95069","published_at":"2026-05-07T12:55:00Z"},{"value":"0.17272","scoring_system":"epss","scoring_elements":"0.95079","published_at":"2026-05-09T12:55:00Z"},{"value":"0.17272","scoring_system":"epss","scoring_elements":"0.95084","published_at":"2026-05-11T12:55:00Z"},{"value":"0.17272","scoring_system":"epss","scoring_elements":"0.95089","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0433"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=569774","reference_id":"569774","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=569774"},{"reference_url":"https://security.gentoo.org/glsa/201110-01","reference_id":"GLSA-201110-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2010-0433"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pe34-qqqg-3qe1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84881?format=json","vulnerability_id":"VCID-q7te-hzsm-fkck","summary":"openssl: Use After Free for large message sizes","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6309.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6309.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6309","reference_id":"","reference_type":"","scores":[{"value":"0.28212","scoring_system":"epss","scoring_elements":"0.96464","published_at":"2026-04-01T12:55:00Z"},{"value":"0.28212","scoring_system":"epss","scoring_elements":"0.96536","published_at":"2026-05-12T12:55:00Z"},{"value":"0.28212","scoring_system":"epss","scoring_elements":"0.9653","published_at":"2026-05-09T12:55:00Z"},{"value":"0.28212","scoring_system":"epss","scoring_elements":"0.96531","published_at":"2026-05-11T12:55:00Z"},{"value":"0.28212","scoring_system":"epss","scoring_elements":"0.96472","published_at":"2026-04-02T12:55:00Z"},{"value":"0.28212","scoring_system":"epss","scoring_elements":"0.96477","published_at":"2026-04-04T12:55:00Z"},{"value":"0.28212","scoring_system":"epss","scoring_elements":"0.96482","published_at":"2026-04-07T12:55:00Z"},{"value":"0.28212","scoring_system":"epss","scoring_elements":"0.9649","published_at":"2026-04-08T12:55:00Z"},{"value":"0.28212","scoring_system":"epss","scoring_elements":"0.96493","published_at":"2026-04-09T12:55:00Z"},{"value":"0.28212","scoring_system":"epss","scoring_elements":"0.96497","published_at":"2026-04-12T12:55:00Z"},{"value":"0.28212","scoring_system":"epss","scoring_elements":"0.965","published_at":"2026-04-13T12:55:00Z"},{"value":"0.28212","scoring_system":"epss","scoring_elements":"0.96506","published_at":"2026-04-16T12:55:00Z"},{"value":"0.28212","scoring_system":"epss","scoring_elements":"0.96511","published_at":"2026-04-18T12:55:00Z"},{"value":"0.28212","scoring_system":"epss","scoring_elements":"0.96512","published_at":"2026-04-21T12:55:00Z"},{"value":"0.28212","scoring_system":"epss","scoring_elements":"0.96513","published_at":"2026-04-24T12:55:00Z"},{"value":"0.28212","scoring_system":"epss","scoring_elements":"0.96514","published_at":"2026-04-26T12:55:00Z"},{"value":"0.28212","scoring_system":"epss","scoring_elements":"0.96516","published_at":"2026-04-29T12:55:00Z"},{"value":"0.28212","scoring_system":"epss","scoring_elements":"0.96522","published_at":"2026-05-05T12:55:00Z"},{"value":"0.28212","scoring_system":"epss","scoring_elements":"0.96523","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6309"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1379302","reference_id":"1379302","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1379302"},{"reference_url":"https://security.archlinux.org/AVG-31","reference_id":"AVG-31","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-31"},{"reference_url":"https://security.archlinux.org/AVG-32","reference_id":"AVG-32","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-32"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2016-6309"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q7te-hzsm-fkck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76352?format=json","vulnerability_id":"VCID-r2qs-dmuf-zkev","summary":"openssl: Excessive time spent checking DSA keys and parameters","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4603.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4603.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4603","reference_id":"","reference_type":"","scores":[{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25505","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25777","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25719","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25722","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25705","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.2568","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25625","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25617","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25567","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25456","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25522","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25583","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25878","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25921","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.2569","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25761","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25809","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25819","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4603"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071972","reference_id":"1071972","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071972"},{"reference_url":"https://www.openssl.org/news/secadv/20240516.txt","reference_id":"20240516.txt","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:27:25Z/"}],"url":"https://www.openssl.org/news/secadv/20240516.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281029","reference_id":"2281029","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281029"},{"reference_url":"https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397","reference_id":"3559e868e58005d15c6013a0c1fd832e51c73397","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:27:25Z/"}],"url":"https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397"},{"reference_url":"https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e","reference_id":"53ea06486d296b890d565fb971b2764fcd826e7e","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:27:25Z/"}],"url":"https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e"},{"reference_url":"https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d","reference_id":"9c39b3858091c152f52513c066ff2c5a47969f0d","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:27:25Z/"}],"url":"https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d"},{"reference_url":"https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740","reference_id":"da343d0605c826ef197aceedc67e8e04f065f740","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:27:25Z/"}],"url":"https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9333","reference_id":"RHSA-2024:9333","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9333"},{"reference_url":"https://usn.ubuntu.com/6937-1/","reference_id":"USN-6937-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6937-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934063?format=json","purl":"pkg:deb/debian/openssl@3.0.14-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934064?format=json","purl":"pkg:deb/debian/openssl@3.2.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.2.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-4603"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r2qs-dmuf-zkev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34918?format=json","vulnerability_id":"VCID-r69y-4x9c-euhv","summary":"Multiple vulnerabilities have been found in OpenSSL that can result\n    in either Denial of Service or information disclosure.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0207.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0207.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0207","reference_id":"","reference_type":"","scores":[{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96832","published_at":"2026-04-01T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.9684","published_at":"2026-04-02T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96841","published_at":"2026-04-04T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96845","published_at":"2026-04-07T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96854","published_at":"2026-04-08T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96855","published_at":"2026-04-09T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96858","published_at":"2026-04-11T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96859","published_at":"2026-04-12T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.9686","published_at":"2026-04-13T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96867","published_at":"2026-04-16T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96871","published_at":"2026-04-18T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96873","published_at":"2026-04-21T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96874","published_at":"2026-04-24T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96876","published_at":"2026-04-26T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96879","published_at":"2026-04-29T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96885","published_at":"2026-05-05T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.9689","published_at":"2026-05-07T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96895","published_at":"2026-05-09T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96898","published_at":"2026-05-11T12:55:00Z"},{"value":"0.32562","scoring_system":"epss","scoring_elements":"0.96904","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0207"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202351","reference_id":"1202351","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202351"},{"reference_url":"https://security.gentoo.org/glsa/201503-11","reference_id":"GLSA-201503-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2015-0207"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r69y-4x9c-euhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90558?format=json","vulnerability_id":"VCID-r791-tdk3-4bet","summary":"OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key.","references":[{"reference_url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-008.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-008.txt.asc"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=124464882609472&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=124464882609472&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=127678688104458&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=127678688104458&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0789.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0789.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0789","reference_id":"","reference_type":"","scores":[{"value":"0.02727","scoring_system":"epss","scoring_elements":"0.86059","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02727","scoring_system":"epss","scoring_elements":"0.85879","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02727","scoring_system":"epss","scoring_elements":"0.8589","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02727","scoring_system":"epss","scoring_elements":"0.85907","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02727","scoring_system":"epss","scoring_elements":"0.8591","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02727","scoring_system":"epss","scoring_elements":"0.85928","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02727","scoring_system":"epss","scoring_elements":"0.85938","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02727","scoring_system":"epss","scoring_elements":"0.85953","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02727","scoring_system":"epss","scoring_elements":"0.85951","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02727","scoring_system":"epss","scoring_elements":"0.85946","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02727","scoring_system":"epss","scoring_elements":"0.85965","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02727","scoring_system":"epss","scoring_elements":"0.85968","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02727","scoring_system":"epss","scoring_elements":"0.85959","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02727","scoring_system":"epss","scoring_elements":"0.85979","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02727","scoring_system":"epss","scoring_elements":"0.85988","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02727","scoring_system":"epss","scoring_elements":"0.86008","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02727","scoring_system":"epss","scoring_elements":"0.8603","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02727","scoring_system":"epss","scoring_elements":"0.86047","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02727","scoring_system":"epss","scoring_elements":"0.86045","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0789"},{"reference_url":"http://secunia.com/advisories/34411","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34411"},{"reference_url":"http://secunia.com/advisories/34460","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34460"},{"reference_url":"http://secunia.com/advisories/34666","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34666"},{"reference_url":"http://secunia.com/advisories/35065","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35065"},{"reference_url":"http://secunia.com/advisories/35380","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35380"},{"reference_url":"http://secunia.com/advisories/35729","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35729"},{"reference_url":"http://secunia.com/advisories/36701","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/36701"},{"reference_url":"http://secunia.com/advisories/42724","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42724"},{"reference_url":"http://secunia.com/advisories/42733","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42733"},{"reference_url":"http://securitytracker.com/id?1021906","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1021906"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/49433","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/49433"},{"reference_url":"https://kb.bluecoat.com/index?page=content&id=SA50","reference_id":"","reference_type":"","scores":[],"url":"https://kb.bluecoat.com/index?page=content&id=SA50"},{"reference_url":"http://sourceforge.net/project/shownotes.php?release_id=671059&group_id=116847","reference_id":"","reference_type":"","scores":[],"url":"http://sourceforge.net/project/shownotes.php?release_id=671059&group_id=116847"},{"reference_url":"http://support.apple.com/kb/HT3865","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3865"},{"reference_url":"http://voodoo-circle.sourceforge.net/sa/sa-20090326-01.html","reference_id":"","reference_type":"","scores":[],"url":"http://voodoo-circle.sourceforge.net/sa/sa-20090326-01.html"},{"reference_url":"http://www.openssl.org/news/secadv_20090325.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.openssl.org/news/secadv_20090325.txt"},{"reference_url":"http://www.osvdb.org/52866","reference_id":"","reference_type":"","scores":[],"url":"http://www.osvdb.org/52866"},{"reference_url":"http://www.php.net/archive/2009.php#id2009-04-08-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.php.net/archive/2009.php#id2009-04-08-1"},{"reference_url":"http://www.securityfocus.com/bid/34256","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/34256"},{"reference_url":"http://www.vupen.com/english/advisories/2009/0850","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/0850"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1020","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1020"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1175","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1175"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1548","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1548"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0789","reference_id":"CVE-2009-0789","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0789"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2009-0789"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r791-tdk3-4bet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34926?format=json","vulnerability_id":"VCID-rmcw-df8y-wqgn","summary":"Multiple vulnerabilities have been found in OpenSSL that can result\n    in either Denial of Service or information disclosure.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0291.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0291.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0291","reference_id":"","reference_type":"","scores":[{"value":"0.14593","scoring_system":"epss","scoring_elements":"0.94495","published_at":"2026-04-24T12:55:00Z"},{"value":"0.14593","scoring_system":"epss","scoring_elements":"0.94493","published_at":"2026-04-29T12:55:00Z"},{"value":"0.14593","scoring_system":"epss","scoring_elements":"0.945","published_at":"2026-05-05T12:55:00Z"},{"value":"0.14593","scoring_system":"epss","scoring_elements":"0.94507","published_at":"2026-05-07T12:55:00Z"},{"value":"0.14593","scoring_system":"epss","scoring_elements":"0.94517","published_at":"2026-05-09T12:55:00Z"},{"value":"0.14593","scoring_system":"epss","scoring_elements":"0.94521","published_at":"2026-05-11T12:55:00Z"},{"value":"0.14593","scoring_system":"epss","scoring_elements":"0.94527","published_at":"2026-05-12T12:55:00Z"},{"value":"0.33218","scoring_system":"epss","scoring_elements":"0.96906","published_at":"2026-04-12T12:55:00Z"},{"value":"0.33218","scoring_system":"epss","scoring_elements":"0.96907","published_at":"2026-04-13T12:55:00Z"},{"value":"0.33218","scoring_system":"epss","scoring_elements":"0.96875","published_at":"2026-04-01T12:55:00Z"},{"value":"0.33218","scoring_system":"epss","scoring_elements":"0.96918","published_at":"2026-04-18T12:55:00Z"},{"value":"0.33218","scoring_system":"epss","scoring_elements":"0.96914","published_at":"2026-04-16T12:55:00Z"},{"value":"0.33218","scoring_system":"epss","scoring_elements":"0.96882","published_at":"2026-04-02T12:55:00Z"},{"value":"0.33218","scoring_system":"epss","scoring_elements":"0.96887","published_at":"2026-04-04T12:55:00Z"},{"value":"0.33218","scoring_system":"epss","scoring_elements":"0.96892","published_at":"2026-04-07T12:55:00Z"},{"value":"0.33218","scoring_system":"epss","scoring_elements":"0.969","published_at":"2026-04-08T12:55:00Z"},{"value":"0.33218","scoring_system":"epss","scoring_elements":"0.96901","published_at":"2026-04-09T12:55:00Z"},{"value":"0.33218","scoring_system":"epss","scoring_elements":"0.96904","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0291"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202338","reference_id":"1202338","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202338"},{"reference_url":"https://security.gentoo.org/glsa/201503-11","reference_id":"GLSA-201503-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2015-0291"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rmcw-df8y-wqgn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35741?format=json","vulnerability_id":"VCID-rxkb-79tg-zuaz","summary":"Multiple vulnerabilities were found in OpenSSL, allowing for the\n    execution of arbitrary code and other attacks.","references":[{"reference_url":"http://cvs.openssl.org/chngview?cn=19693","reference_id":"","reference_type":"","scores":[],"url":"http://cvs.openssl.org/chngview?cn=19693"},{"reference_url":"http://cvs.openssl.org/filediff?f=openssl/crypto/rsa/rsa_pmeth.c&v1=1.34&v2=1.34.2.1","reference_id":"","reference_type":"","scores":[],"url":"http://cvs.openssl.org/filediff?f=openssl/crypto/rsa/rsa_pmeth.c&v1=1.34&v2=1.34.2.1"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1633.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1633.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1633","reference_id":"","reference_type":"","scores":[{"value":"0.00779","scoring_system":"epss","scoring_elements":"0.73765","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00779","scoring_system":"epss","scoring_elements":"0.736","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00779","scoring_system":"epss","scoring_elements":"0.7361","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00779","scoring_system":"epss","scoring_elements":"0.73634","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00779","scoring_system":"epss","scoring_elements":"0.73607","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00779","scoring_system":"epss","scoring_elements":"0.73642","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00779","scoring_system":"epss","scoring_elements":"0.73655","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00779","scoring_system":"epss","scoring_elements":"0.73678","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00779","scoring_system":"epss","scoring_elements":"0.7366","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00779","scoring_system":"epss","scoring_elements":"0.73652","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00779","scoring_system":"epss","scoring_elements":"0.73695","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00779","scoring_system":"epss","scoring_elements":"0.73705","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00779","scoring_system":"epss","scoring_elements":"0.73728","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00779","scoring_system":"epss","scoring_elements":"0.73737","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00779","scoring_system":"epss","scoring_elements":"0.73738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00779","scoring_system":"epss","scoring_elements":"0.7373","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00779","scoring_system":"epss","scoring_elements":"0.73756","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00779","scoring_system":"epss","scoring_elements":"0.73779","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00779","scoring_system":"epss","scoring_elements":"0.73743","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1633"},{"reference_url":"http://secunia.com/advisories/40024","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/40024"},{"reference_url":"http://secunia.com/advisories/57353","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/57353"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"},{"reference_url":"http://www.openssl.org/news/secadv_20100601.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.openssl.org/news/secadv_20100601.txt"},{"reference_url":"http://www.securityfocus.com/bid/40503","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/40503"},{"reference_url":"http://www.vupen.com/english/advisories/2010/1313","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/1313"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=598732","reference_id":"598732","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=598732"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1633","reference_id":"CVE-2010-1633","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1633"},{"reference_url":"https://security.gentoo.org/glsa/201110-01","reference_id":"GLSA-201110-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2010-1633"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rxkb-79tg-zuaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18968?format=json","vulnerability_id":"VCID-t4t8-753w-zqc5","summary":"POLY1305 MAC implementation corrupts XMM registers on Windows\nIssue summary: The POLY1305 MAC (message authentication code) implementation\ncontains a bug that might corrupt the internal state of applications on the\nWindows 64 platform when running on newer X86_64 processors supporting the\nAVX512-IFMA instructions.\n\nImpact summary: If in an application that uses the OpenSSL library an attacker\ncan influence whether the POLY1305 MAC algorithm is used, the application\nstate might be corrupted with various application dependent consequences.\n\nThe POLY1305 MAC (message authentication code) implementation in OpenSSL does\nnot save the contents of non-volatile XMM registers on Windows 64 platform\nwhen calculating the MAC of data larger than 64 bytes. Before returning to\nthe caller all the XMM registers are set to zero rather than restoring their\nprevious content. The vulnerable code is used only on newer x86_64 processors\nsupporting the AVX512-IFMA instructions.\n\nThe consequences of this kind of internal application state corruption can\nbe various - from no consequences, if the calling application does not\ndepend on the contents of non-volatile XMM registers at all, to the worst\nconsequences, where the attacker could get complete control of the application\nprocess. However given the contents of the registers are just zeroized so\nthe attacker cannot put arbitrary values inside, the most likely consequence,\nif any, would be an incorrect result of some application dependent\ncalculations or a crash leading to a denial of service.\n\nThe POLY1305 MAC algorithm is most frequently used as part of the\nCHACHA20-POLY1305 AEAD (authenticated encryption with associated data)\nalgorithm. The most common usage of this AEAD cipher is with TLS protocol\nversions 1.2 and 1.3 and a malicious client can influence whether this AEAD\ncipher is used by the server. This implies that server applications using\nOpenSSL can be potentially impacted. However we are currently not aware of\nany concrete application that would be affected by this issue therefore we\nconsider this a Low severity security issue.\n\nAs a workaround the AVX512-IFMA instructions support can be disabled at\nruntime by setting the environment variable OPENSSL_ia32cap:\n\n  OPENSSL_ia32cap=:~0x200000\n\nThe FIPS provider is not affected by this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4807.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4807.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4807","reference_id":"","reference_type":"","scores":[{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71594","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71479","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71515","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71522","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71513","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71563","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71598","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71564","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0082","scoring_system":"epss","scoring_elements":"0.74337","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0082","scoring_system":"epss","scoring_elements":"0.74364","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0082","scoring_system":"epss","scoring_elements":"0.74338","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0082","scoring_system":"epss","scoring_elements":"0.74371","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0082","scoring_system":"epss","scoring_elements":"0.74386","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0082","scoring_system":"epss","scoring_elements":"0.74407","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0082","scoring_system":"epss","scoring_elements":"0.74387","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0082","scoring_system":"epss","scoring_elements":"0.74379","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0082","scoring_system":"epss","scoring_elements":"0.74416","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0082","scoring_system":"epss","scoring_elements":"0.74425","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.74952","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4807"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4bfac4471f53c4f74c8d81020beb938f92d84ca5","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4bfac4471f53c4f74c8d81020beb938f92d84ca5"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6754de4a121ec7f261b16723180df6592cbb4508","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6754de4a121ec7f261b16723180df6592cbb4508"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a632d534c73eeb3e3db8c7540d811194ef7c79ff","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a632d534c73eeb3e3db8c7540d811194ef7c79ff"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230921-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20230921-0001/"},{"reference_url":"https://www.openssl.org/news/secadv/20230908.txt","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/"}],"url":"https://www.openssl.org/news/secadv/20230908.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238009","reference_id":"2238009","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238009"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4807","reference_id":"CVE-2023-4807","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4807"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-4807"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t4t8-753w-zqc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/17337?format=json","vulnerability_id":"VCID-t9w1-a3z2-qqar","summary":"Out-of-bounds Read\nIssue summary: The AES-XTS cipher decryption implementation for 64 bit ARM\nplatform contains a bug that could cause it to read past the input buffer,\nleading to a crash.\n\nImpact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM\nplatform can crash in rare circumstances. The AES-XTS algorithm is usually\nused for disk encryption.\n\nThe AES-XTS cipher decryption implementation for 64 bit ARM platform will read\npast the end of the ciphertext buffer if the ciphertext size is 4 mod 5 in 16\nbyte blocks, e.g. 144 bytes or 1024 bytes. If the memory after the ciphertext\nbuffer is unmapped, this will trigger a crash which results in a denial of\nservice.\n\nIf an attacker can control the size and location of the ciphertext buffer\nbeing decrypted by an application using AES-XTS on 64 bit ARM, the\napplication is affected. This is fairly unlikely making this issue\na Low severity one.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1255.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1255.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1255","reference_id":"","reference_type":"","scores":[{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15891","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15899","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15954","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15753","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15838","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15874","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15836","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15767","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15689","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.157","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24225","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24211","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24171","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24054","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24136","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24349","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2656","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26488","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26505","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1255"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=02ac9c9420275868472f33b01def01218742b8bb","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:14:55Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=02ac9c9420275868472f33b01def01218742b8bb"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bc2f61ad70971869b242fc1cb445b98bad50074a","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:14:55Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bc2f61ad70971869b242fc1cb445b98bad50074a"},{"reference_url":"https://www.openssl.org/news/secadv/20230419.txt","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:14:55Z/"}],"url":"https://www.openssl.org/news/secadv/20230419.txt"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034720","reference_id":"1034720","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034720"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2188461","reference_id":"2188461","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2188461"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1255","reference_id":"CVE-2023-1255","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1255"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230908-0006/","reference_id":"ntap-20230908-0006","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:14:55Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230908-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3722","reference_id":"RHSA-2023:3722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3722"},{"reference_url":"https://usn.ubuntu.com/6119-1/","reference_id":"USN-6119-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6119-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934049?format=json","purl":"pkg:deb/debian/openssl@3.0.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-1255"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t9w1-a3z2-qqar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/16589?format=json","vulnerability_id":"VCID-tk2r-atbr-73ge","summary":"Out-of-bounds Read\nA read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. The read buffer overrun might result in a crash which could lead to a denial of service attack. In theory it could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext) although we are not aware of any working exploit leading to memory contents disclosure as of the time of release of this advisory. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4203.json","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4203.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4203","reference_id":"","reference_type":"","scores":[{"value":"0.00593","scoring_system":"epss","scoring_elements":"0.69336","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00593","scoring_system":"epss","scoring_elements":"0.69328","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00593","scoring_system":"epss","scoring_elements":"0.69349","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00593","scoring_system":"epss","scoring_elements":"0.69343","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00593","scoring_system":"epss","scoring_elements":"0.69284","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.69872","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.69846","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.69877","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00745","scoring_system":"epss","scoring_elements":"0.7299","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00745","scoring_system":"epss","scoring_elements":"0.73044","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00745","scoring_system":"epss","scoring_elements":"0.73065","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00745","scoring_system":"epss","scoring_elements":"0.73041","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00745","scoring_system":"epss","scoring_elements":"0.73014","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00745","scoring_system":"epss","scoring_elements":"0.73027","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00745","scoring_system":"epss","scoring_elements":"0.73091","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00745","scoring_system":"epss","scoring_elements":"0.72994","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00745","scoring_system":"epss","scoring_elements":"0.73081","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00745","scoring_system":"epss","scoring_elements":"0.73038","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4203"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:14Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc"},{"reference_url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2023-0008.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2023-0008.html"},{"reference_url":"https://security.gentoo.org/glsa/202402-08","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:14Z/"}],"url":"https://security.gentoo.org/glsa/202402-08"},{"reference_url":"https://www.openssl.org/news/secadv/20230207.txt","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:57:14Z/"}],"url":"https://www.openssl.org/news/secadv/20230207.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164488","reference_id":"2164488","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164488"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4203","reference_id":"CVE-2022-4203","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4203"},{"reference_url":"https://github.com/advisories/GHSA-w67w-mw4j-8qrv","reference_id":"GHSA-w67w-mw4j-8qrv","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w67w-mw4j-8qrv"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0946","reference_id":"RHSA-2023:0946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1199","reference_id":"RHSA-2023:1199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1199"},{"reference_url":"https://usn.ubuntu.com/5844-1/","reference_id":"USN-5844-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5844-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934048?format=json","purl":"pkg:deb/debian/openssl@3.0.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-4203","GHSA-w67w-mw4j-8qrv"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tk2r-atbr-73ge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/14301?format=json","vulnerability_id":"VCID-ttju-tw1d-f3ay","summary":"Improper Certificate Validation\nThe function `OCSP_basic_verify` verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the response will be positive (meaning a successful verification) even in the case where the response signing certificate fails to verify. It is anticipated that most users of `OCSP_basic_verify` will not use the OCSP_NOCHECKS flag. In this case the `OCSP_basic_verify` function will return a negative value (indicating a fatal error) in the case of a certificate verification failure. The normal expected return value in this case would be 0. This issue also impacts the command line OpenSSL \"ocsp\" application. When verifying an ocsp response with the \"-no_cert_checks\" option the command line application will report that the verification is successful even though it has in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1343.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1343.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1343","reference_id":"","reference_type":"","scores":[{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34799","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34815","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.3478","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34805","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34843","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34838","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.3481","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34766","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34887","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.3486","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34643","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48329","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48407","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48392","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48405","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48352","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48268","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48331","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48355","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48299","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1343"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:12Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/github/advisory-database/issues/405","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/github/advisory-database/issues/405"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2eda98790c5c2741d76d23cc1e74b0dc4f4b391a","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2eda98790c5c2741d76d23cc1e74b0dc4f4b391a"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2022-0027.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2022-0027.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220602-0009","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220602-0009"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220602-0009/","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:12Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220602-0009/"},{"reference_url":"https://www.openssl.org/news/secadv/20220503.txt","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:12Z/"}],"url":"https://www.openssl.org/news/secadv/20220503.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2087911","reference_id":"2087911","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2087911"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1343","reference_id":"CVE-2022-1343","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1343"},{"reference_url":"https://github.com/advisories/GHSA-mfm6-r9g2-q4r7","reference_id":"GHSA-mfm6-r9g2-q4r7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mfm6-r9g2-q4r7"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2eda98790c5c2741d76d23cc1e74b0dc4f4b391a","reference_id":"?p=openssl.git%3Ba=commitdiff%3Bh=2eda98790c5c2741d76d23cc1e74b0dc4f4b391a","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:12Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2eda98790c5c2741d76d23cc1e74b0dc4f4b391a"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6224","reference_id":"RHSA-2022:6224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6224"},{"reference_url":"https://usn.ubuntu.com/5402-1/","reference_id":"USN-5402-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5402-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-1343","GHSA-mfm6-r9g2-q4r7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ttju-tw1d-f3ay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77841?format=json","vulnerability_id":"VCID-tw8y-th2e-x7ex","summary":"openssl: Excessive time spent checking invalid RSA public keys","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6237.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6237.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6237","reference_id":"","reference_type":"","scores":[{"value":"0.00524","scoring_system":"epss","scoring_elements":"0.66906","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00524","scoring_system":"epss","scoring_elements":"0.66988","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00524","scoring_system":"epss","scoring_elements":"0.66933","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00524","scoring_system":"epss","scoring_elements":"0.66955","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00524","scoring_system":"epss","scoring_elements":"0.66968","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00524","scoring_system":"epss","scoring_elements":"0.66974","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00524","scoring_system":"epss","scoring_elements":"0.66943","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00524","scoring_system":"epss","scoring_elements":"0.66975","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00524","scoring_system":"epss","scoring_elements":"0.6699","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00524","scoring_system":"epss","scoring_elements":"0.67005","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00524","scoring_system":"epss","scoring_elements":"0.66977","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00524","scoring_system":"epss","scoring_elements":"0.67019","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00524","scoring_system":"epss","scoring_elements":"0.67058","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00524","scoring_system":"epss","scoring_elements":"0.6703","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67624","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67605","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67635","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00781","scoring_system":"epss","scoring_elements":"0.7381","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6237"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/openssl/openssl/commit/0b0f7abfb37350794a4b8960fafc292cd5d1b84d","reference_id":"0b0f7abfb37350794a4b8960fafc292cd5d1b84d","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-20T14:44:52Z/"}],"url":"https://github.com/openssl/openssl/commit/0b0f7abfb37350794a4b8960fafc292cd5d1b84d"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060858","reference_id":"1060858","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060858"},{"reference_url":"https://github.com/openssl/openssl/commit/18c02492138d1eb8b6548cb26e7b625fb2414a2a","reference_id":"18c02492138d1eb8b6548cb26e7b625fb2414a2a","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-20T14:44:52Z/"}],"url":"https://github.com/openssl/openssl/commit/18c02492138d1eb8b6548cb26e7b625fb2414a2a"},{"reference_url":"https://www.openssl.org/news/secadv/20240115.txt","reference_id":"20240115.txt","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-20T14:44:52Z/"}],"url":"https://www.openssl.org/news/secadv/20240115.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258502","reference_id":"2258502","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258502"},{"reference_url":"https://github.com/openssl/openssl/commit/a830f551557d3d66a84bbb18a5b889c640c36294","reference_id":"a830f551557d3d66a84bbb18a5b889c640c36294","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-20T14:44:52Z/"}],"url":"https://github.com/openssl/openssl/commit/a830f551557d3d66a84bbb18a5b889c640c36294"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2447","reference_id":"RHSA-2024:2447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9088","reference_id":"RHSA-2024:9088","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9088"},{"reference_url":"https://usn.ubuntu.com/6622-1/","reference_id":"USN-6622-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6622-1/"},{"reference_url":"https://usn.ubuntu.com/7894-1/","reference_id":"USN-7894-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7894-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934056?format=json","purl":"pkg:deb/debian/openssl@3.0.13-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.13-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934059?format=json","purl":"pkg:deb/debian/openssl@3.1.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.1.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-6237"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tw8y-th2e-x7ex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34921?format=json","vulnerability_id":"VCID-v45q-mw2w-67g5","summary":"Multiple vulnerabilities have been found in OpenSSL that can result\n    in either Denial of Service or information disclosure.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0285.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0285.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0285","reference_id":"","reference_type":"","scores":[{"value":"0.08548","scoring_system":"epss","scoring_elements":"0.9236","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08548","scoring_system":"epss","scoring_elements":"0.92366","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08548","scoring_system":"epss","scoring_elements":"0.92373","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08548","scoring_system":"epss","scoring_elements":"0.92377","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08548","scoring_system":"epss","scoring_elements":"0.92389","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08548","scoring_system":"epss","scoring_elements":"0.92394","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08548","scoring_system":"epss","scoring_elements":"0.92399","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08548","scoring_system":"epss","scoring_elements":"0.92402","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08548","scoring_system":"epss","scoring_elements":"0.924","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08548","scoring_system":"epss","scoring_elements":"0.92411","published_at":"2026-04-29T12:55:00Z"},{"value":"0.08548","scoring_system":"epss","scoring_elements":"0.92412","published_at":"2026-04-21T12:55:00Z"},{"value":"0.08548","scoring_system":"epss","scoring_elements":"0.92416","published_at":"2026-04-26T12:55:00Z"},{"value":"0.08548","scoring_system":"epss","scoring_elements":"0.92421","published_at":"2026-05-05T12:55:00Z"},{"value":"0.08548","scoring_system":"epss","scoring_elements":"0.92431","published_at":"2026-05-07T12:55:00Z"},{"value":"0.08548","scoring_system":"epss","scoring_elements":"0.92439","published_at":"2026-05-09T12:55:00Z"},{"value":"0.08548","scoring_system":"epss","scoring_elements":"0.92443","published_at":"2026-05-11T12:55:00Z"},{"value":"0.08548","scoring_system":"epss","scoring_elements":"0.9245","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0285"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202410","reference_id":"1202410","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202410"},{"reference_url":"https://security.gentoo.org/glsa/201503-11","reference_id":"GLSA-201503-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2015-0285"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v45q-mw2w-67g5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84890?format=json","vulnerability_id":"VCID-wp1w-7td9-87gs","summary":"openssl: excessive allocation of memory in tls_get_message_header()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6307.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6307.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6307","reference_id":"","reference_type":"","scores":[{"value":"0.13256","scoring_system":"epss","scoring_elements":"0.94218","published_at":"2026-05-12T12:55:00Z"},{"value":"0.13256","scoring_system":"epss","scoring_elements":"0.94175","published_at":"2026-04-21T12:55:00Z"},{"value":"0.13256","scoring_system":"epss","scoring_elements":"0.94177","published_at":"2026-04-29T12:55:00Z"},{"value":"0.13256","scoring_system":"epss","scoring_elements":"0.94184","published_at":"2026-05-05T12:55:00Z"},{"value":"0.13256","scoring_system":"epss","scoring_elements":"0.94195","published_at":"2026-05-07T12:55:00Z"},{"value":"0.13256","scoring_system":"epss","scoring_elements":"0.94207","published_at":"2026-05-09T12:55:00Z"},{"value":"0.13256","scoring_system":"epss","scoring_elements":"0.94212","published_at":"2026-05-11T12:55:00Z"},{"value":"0.20439","scoring_system":"epss","scoring_elements":"0.95545","published_at":"2026-04-12T12:55:00Z"},{"value":"0.20439","scoring_system":"epss","scoring_elements":"0.95546","published_at":"2026-04-13T12:55:00Z"},{"value":"0.20439","scoring_system":"epss","scoring_elements":"0.95555","published_at":"2026-04-16T12:55:00Z"},{"value":"0.20439","scoring_system":"epss","scoring_elements":"0.9556","published_at":"2026-04-18T12:55:00Z"},{"value":"0.20439","scoring_system":"epss","scoring_elements":"0.95512","published_at":"2026-04-01T12:55:00Z"},{"value":"0.20439","scoring_system":"epss","scoring_elements":"0.9552","published_at":"2026-04-02T12:55:00Z"},{"value":"0.20439","scoring_system":"epss","scoring_elements":"0.95526","published_at":"2026-04-04T12:55:00Z"},{"value":"0.20439","scoring_system":"epss","scoring_elements":"0.9553","published_at":"2026-04-07T12:55:00Z"},{"value":"0.20439","scoring_system":"epss","scoring_elements":"0.95536","published_at":"2026-04-08T12:55:00Z"},{"value":"0.20439","scoring_system":"epss","scoring_elements":"0.95539","published_at":"2026-04-09T12:55:00Z"},{"value":"0.20439","scoring_system":"epss","scoring_elements":"0.95543","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6307"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1378203","reference_id":"1378203","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1378203"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2016-6307"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wp1w-7td9-87gs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/14306?format=json","vulnerability_id":"VCID-wxvb-73gj-p3eu","summary":"Use of a Broken or Risky Cryptographic Algorithm\nThe OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify data being sent from one endpoint to an OpenSSL 3.0 recipient such that the modified data would still pass the MAC integrity check. Note that data sent from an OpenSSL 3.0 endpoint to a non-OpenSSL 3.0 endpoint will always be rejected by the recipient and the connection will fail at that point. Many application protocols require data to be sent from the client to the server first. Therefore, in such a case, only an OpenSSL 3.0 server would be impacted when talking to a non-OpenSSL 3.0 client. If both endpoints are OpenSSL 3.0 then the attacker could modify data being sent in both directions. In this case both clients and servers could be affected, regardless of the application protocol. Note that in the absence of an attacker this bug means that an OpenSSL 3.0 endpoint communicating with a non-OpenSSL 3.0 endpoint will fail to complete the handshake when using this ciphersuite. The confidentiality of data is not impacted by this issue, i.e. an attacker cannot decrypt data that has been encrypted using this ciphersuite - they can only modify it. In order for this attack to work both endpoints must legitimately negotiate the RC4-MD5 ciphersuite. This ciphersuite is not compiled by default in OpenSSL 3.0, and is not available within the default provider or the default ciphersuite list. This ciphersuite will never be used if TLSv1.3 has been negotiated. In order for an OpenSSL 3.0 endpoint to use this ciphersuite the following must have occurred: 1) OpenSSL must have been compiled with the (non-default) compile time option enable-weak-ssl-ciphers 2) OpenSSL must have had the legacy provider explicitly loaded (either through application code or via configuration) 3) The ciphersuite must have been explicitly added to the ciphersuite list 4) The libssl security level must have been set to 0 (default is 1) 5) A version of SSL/TLS below TLSv1.3 must have been negotiated 6) Both endpoints must negotiate the RC4-MD5 ciphersuite in preference to any others that both endpoints have in common Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1434.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1434.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1434","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2054","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2061","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20686","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20746","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20766","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20722","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2067","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20656","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20654","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20645","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20532","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20528","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20498","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20391","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20462","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20549","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20526","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20695","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20838","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20895","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1434"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/github/advisory-database/issues/405","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/github/advisory-database/issues/405"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7d56a74a96828985db7354a55227a511615f732b","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7d56a74a96828985db7354a55227a511615f732b"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2022-0026.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2022-0026.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220602-0009","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220602-0009"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220602-0009/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20220602-0009/"},{"reference_url":"https://www.openssl.org/news/secadv/20220503.txt","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.openssl.org/news/secadv/20220503.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2087912","reference_id":"2087912","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2087912"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1434","reference_id":"CVE-2022-1434","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1434"},{"reference_url":"https://github.com/advisories/GHSA-638m-m8mh-7gw2","reference_id":"GHSA-638m-m8mh-7gw2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-638m-m8mh-7gw2"},{"reference_url":"https://usn.ubuntu.com/5402-1/","reference_id":"USN-5402-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5402-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-1434","GHSA-638m-m8mh-7gw2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wxvb-73gj-p3eu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46268?format=json","vulnerability_id":"VCID-xq7s-zrwb-yffw","summary":"Multiple vulnerabilities have been discovered in OpenSSL, the worst of which could result in remote code execution.","references":[{"reference_url":"http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3786.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3786.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3786","reference_id":"","reference_type":"","scores":[{"value":"0.2063","scoring_system":"epss","scoring_elements":"0.95582","published_at":"2026-04-13T12:55:00Z"},{"value":"0.2063","scoring_system":"epss","scoring_elements":"0.9558","published_at":"2026-04-12T12:55:00Z"},{"value":"0.2063","scoring_system":"epss","scoring_elements":"0.95579","published_at":"2026-04-11T12:55:00Z"},{"value":"0.2063","scoring_system":"epss","scoring_elements":"0.95575","published_at":"2026-04-09T12:55:00Z"},{"value":"0.2063","scoring_system":"epss","scoring_elements":"0.95572","published_at":"2026-04-08T12:55:00Z"},{"value":"0.2063","scoring_system":"epss","scoring_elements":"0.95565","published_at":"2026-04-07T12:55:00Z"},{"value":"0.2063","scoring_system":"epss","scoring_elements":"0.95562","published_at":"2026-04-04T12:55:00Z"},{"value":"0.2063","scoring_system":"epss","scoring_elements":"0.95557","published_at":"2026-04-02T12:55:00Z"},{"value":"0.21428","scoring_system":"epss","scoring_elements":"0.95718","published_at":"2026-04-18T12:55:00Z"},{"value":"0.21428","scoring_system":"epss","scoring_elements":"0.95714","published_at":"2026-04-16T12:55:00Z"},{"value":"0.26622","scoring_system":"epss","scoring_elements":"0.96351","published_at":"2026-04-24T12:55:00Z"},{"value":"0.26622","scoring_system":"epss","scoring_elements":"0.96353","published_at":"2026-04-26T12:55:00Z"},{"value":"0.27298","scoring_system":"epss","scoring_elements":"0.96436","published_at":"2026-05-09T12:55:00Z"},{"value":"0.27298","scoring_system":"epss","scoring_elements":"0.96427","published_at":"2026-05-05T12:55:00Z"},{"value":"0.27298","scoring_system":"epss","scoring_elements":"0.9643","published_at":"2026-05-07T12:55:00Z"},{"value":"0.27298","scoring_system":"epss","scoring_elements":"0.96439","published_at":"2026-05-11T12:55:00Z"},{"value":"0.27298","scoring_system":"epss","scoring_elements":"0.96444","published_at":"2026-05-12T12:55:00Z"},{"value":"0.30177","scoring_system":"epss","scoring_elements":"0.96692","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3786"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/alexcrichton/openssl-src-rs","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/alexcrichton/openssl-src-rs"},{"reference_url":"https://github.com/alexcrichton/openssl-src-rs/commit/4a31c14f31e1a08c18893a37e304dd1dd4b7daa3","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/alexcrichton/openssl-src-rs/commit/4a31c14f31e1a08c18893a37e304dd1dd4b7daa3"},{"reference_url":"https://github.com/openssl/openssl/commit/fe3b639dc19b325846f4f6801f2f4604f56e3de3","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openssl/openssl/commit/fe3b639dc19b325846f4f6801f2f4604f56e3de3"},{"reference_url":"https://github.com/rustsec/advisory-db/pull/1452","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rustsec/advisory-db/pull/1452"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=c42165b5706e42f67ef8ef4c351a9a4c5d21639a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=c42165b5706e42f67ef8ef4c351a9a4c5d21639a"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:54Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3786","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3786"},{"reference_url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2022-0065.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2022-0065.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221102-0001","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20221102-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221102-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20221102-0001/"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a"},{"reference_url":"https://www.kb.cert.org/vuls/id/794340","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.kb.cert.org/vuls/id/794340"},{"reference_url":"https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/","reference_id":"","reference_type":"","scores":[],"url":"https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/"},{"reference_url":"https://www.openssl.org/news/secadv/20221101.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:54Z/"}],"url":"https://www.openssl.org/news/secadv/20221101.txt"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/01/15","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/01/15"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/01/16","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/01/16"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/01/17","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/01/17"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/01/18","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/01/18"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/01/19","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/01/19"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/01/20","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/01/20"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/01/21","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/01/21"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/01/24","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/01/24"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/10","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/10"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/11","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/11"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/12","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/12"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/13","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/13"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/14","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/14"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/15","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/15"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/3","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/5","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/7","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/7"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/02/9","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/02/9"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/03/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/03/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/03/10","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/03/10"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/03/11","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/03/11"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/03/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/03/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/03/3","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/03/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/03/5","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/03/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/03/6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/03/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/03/7","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/03/7"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/03/9","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/03/9"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2139104","reference_id":"2139104","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2139104"},{"reference_url":"https://github.com/advisories/GHSA-h8jm-2x53-xhp5","reference_id":"GHSA-h8jm-2x53-xhp5","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h8jm-2x53-xhp5"},{"reference_url":"https://security.gentoo.org/glsa/202211-01","reference_id":"GLSA-202211-01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202211-01"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7288","reference_id":"RHSA-2022:7288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7384","reference_id":"RHSA-2022:7384","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7384"},{"reference_url":"https://usn.ubuntu.com/5710-1/","reference_id":"USN-5710-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5710-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934046?format=json","purl":"pkg:deb/debian/openssl@3.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-3786","GHSA-h8jm-2x53-xhp5"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xq7s-zrwb-yffw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/16376?format=json","vulnerability_id":"VCID-xqt3-3um9-8faq","summary":"NULL Pointer Dereference\nA NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail. There is a missing check for the return value from the initialization function which later leads to invalid usage of the digest API most likely leading to a crash. The unavailability of an algorithm can be caused by using FIPS enabled configuration of providers or more commonly by not loading the legacy provider. PKCS7 data is processed by the SMIME library calls and also by the time stamp (TS) library calls. The TLS implementation in OpenSSL does not call these functions however third party applications would be affected if they call these functions to verify signatures on untrusted data.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0401.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0401.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0401","reference_id":"","reference_type":"","scores":[{"value":"0.00825","scoring_system":"epss","scoring_elements":"0.7458","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00825","scoring_system":"epss","scoring_elements":"0.74559","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00825","scoring_system":"epss","scoring_elements":"0.74592","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00825","scoring_system":"epss","scoring_elements":"0.74493","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00825","scoring_system":"epss","scoring_elements":"0.74536","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00825","scoring_system":"epss","scoring_elements":"0.74535","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00825","scoring_system":"epss","scoring_elements":"0.74528","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00825","scoring_system":"epss","scoring_elements":"0.74566","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01007","scoring_system":"epss","scoring_elements":"0.77053","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01007","scoring_system":"epss","scoring_elements":"0.77056","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01007","scoring_system":"epss","scoring_elements":"0.77061","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01007","scoring_system":"epss","scoring_elements":"0.77029","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01007","scoring_system":"epss","scoring_elements":"0.7701","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01007","scoring_system":"epss","scoring_elements":"0.77042","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01007","scoring_system":"epss","scoring_elements":"0.77081","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01007","scoring_system":"epss","scoring_elements":"0.77098","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01007","scoring_system":"epss","scoring_elements":"0.77","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01007","scoring_system":"epss","scoring_elements":"0.77096","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0401"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/alexcrichton/openssl-src-rs","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/alexcrichton/openssl-src-rs"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d3b6dfd70db844c4499bec6ad6601623a565e674","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:52Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d3b6dfd70db844c4499bec6ad6601623a565e674"},{"reference_url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2023-0013.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2023-0013.html"},{"reference_url":"https://security.gentoo.org/glsa/202402-08","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:52Z/"}],"url":"https://security.gentoo.org/glsa/202402-08"},{"reference_url":"https://www.openssl.org/news/secadv/20230207.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:52Z/"}],"url":"https://www.openssl.org/news/secadv/20230207.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164500","reference_id":"2164500","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164500"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0401","reference_id":"CVE-2023-0401","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0401"},{"reference_url":"https://github.com/advisories/GHSA-vrh7-x64v-7vxq","reference_id":"GHSA-vrh7-x64v-7vxq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vrh7-x64v-7vxq"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0946","reference_id":"RHSA-2023:0946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1199","reference_id":"RHSA-2023:1199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1199"},{"reference_url":"https://usn.ubuntu.com/5844-1/","reference_id":"USN-5844-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5844-1/"},{"reference_url":"https://usn.ubuntu.com/6564-1/","reference_id":"USN-6564-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6564-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934048?format=json","purl":"pkg:deb/debian/openssl@3.0.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-0401","GHSA-vrh7-x64v-7vxq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xqt3-3um9-8faq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85640?format=json","vulnerability_id":"VCID-y71f-vhew-p3d2","summary":"openssl: Crash in ssleay_rand_bytes due to locking regression","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3216.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3216.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3216","reference_id":"","reference_type":"","scores":[{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81404","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81413","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81436","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81434","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81462","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81468","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81489","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81476","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81469","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81506","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81507","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81509","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81531","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81539","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81543","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81561","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81579","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81602","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81599","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01559","scoring_system":"epss","scoring_elements":"0.81616","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3216"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1227574","reference_id":"1227574","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1227574"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1115","reference_id":"RHSA-2015:1115","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2015-3216"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y71f-vhew-p3d2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/156096?format=json","vulnerability_id":"VCID-yb9y-4y13-efg6","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5738","reference_id":"","reference_type":"","scores":[{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74111","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74117","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74143","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74114","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74147","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74162","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74183","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74165","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74159","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74196","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74205","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74197","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74232","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74241","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.7424","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74234","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74261","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74286","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74249","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74271","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5738"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2015-5738"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yb9y-4y13-efg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34929?format=json","vulnerability_id":"VCID-zf5b-ajub-zue3","summary":"Multiple vulnerabilities have been found in OpenSSL that can result\n    in either Denial of Service or information disclosure.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1787.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1787.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1787","reference_id":"","reference_type":"","scores":[{"value":"0.25826","scoring_system":"epss","scoring_elements":"0.96222","published_at":"2026-04-01T12:55:00Z"},{"value":"0.25826","scoring_system":"epss","scoring_elements":"0.9623","published_at":"2026-04-02T12:55:00Z"},{"value":"0.25826","scoring_system":"epss","scoring_elements":"0.96237","published_at":"2026-04-04T12:55:00Z"},{"value":"0.25826","scoring_system":"epss","scoring_elements":"0.96241","published_at":"2026-04-07T12:55:00Z"},{"value":"0.25826","scoring_system":"epss","scoring_elements":"0.9625","published_at":"2026-04-08T12:55:00Z"},{"value":"0.25826","scoring_system":"epss","scoring_elements":"0.96253","published_at":"2026-04-09T12:55:00Z"},{"value":"0.25826","scoring_system":"epss","scoring_elements":"0.96257","published_at":"2026-04-12T12:55:00Z"},{"value":"0.25826","scoring_system":"epss","scoring_elements":"0.96258","published_at":"2026-04-13T12:55:00Z"},{"value":"0.25826","scoring_system":"epss","scoring_elements":"0.96267","published_at":"2026-04-16T12:55:00Z"},{"value":"0.25826","scoring_system":"epss","scoring_elements":"0.96272","published_at":"2026-04-18T12:55:00Z"},{"value":"0.25826","scoring_system":"epss","scoring_elements":"0.96273","published_at":"2026-04-21T12:55:00Z"},{"value":"0.25826","scoring_system":"epss","scoring_elements":"0.96274","published_at":"2026-04-24T12:55:00Z"},{"value":"0.25826","scoring_system":"epss","scoring_elements":"0.96276","published_at":"2026-04-26T12:55:00Z"},{"value":"0.25826","scoring_system":"epss","scoring_elements":"0.96278","published_at":"2026-04-29T12:55:00Z"},{"value":"0.25826","scoring_system":"epss","scoring_elements":"0.96289","published_at":"2026-05-05T12:55:00Z"},{"value":"0.25826","scoring_system":"epss","scoring_elements":"0.96296","published_at":"2026-05-07T12:55:00Z"},{"value":"0.25826","scoring_system":"epss","scoring_elements":"0.96302","published_at":"2026-05-09T12:55:00Z"},{"value":"0.25826","scoring_system":"epss","scoring_elements":"0.96305","published_at":"2026-05-11T12:55:00Z"},{"value":"0.25826","scoring_system":"epss","scoring_elements":"0.9631","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1787"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202406","reference_id":"1202406","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202406"},{"reference_url":"https://security.gentoo.org/glsa/201503-11","reference_id":"GLSA-201503-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2015-1787"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zf5b-ajub-zue3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/14305?format=json","vulnerability_id":"VCID-zhwv-pq2x-8bey","summary":"Improper Resource Shutdown or Release\nThe `OPENSSL_LH_flush()` function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. This function is used when decoding certificates or keys. If a long lived process periodically decodes certificates or keys its memory usage will expand without bounds and the process might be terminated by the operating system causing a denial of service. Also traversing the empty hash table entries will take increasingly more time. Typically such long lived processes might be TLS clients or TLS servers configured to accept client certificate authentication.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1473.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1473.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1473","reference_id":"","reference_type":"","scores":[{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50936","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50906","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50949","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50919","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50868","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.5094","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50979","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50971","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51023","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.55926","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56037","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56058","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56036","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56087","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.5609","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56102","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56079","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56062","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56097","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56099","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1473"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/github/advisory-database/issues/405","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/github/advisory-database/issues/405"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=64c85430f95200b6b51fe9475bd5203f7c19daf1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=64c85430f95200b6b51fe9475bd5203f7c19daf1"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2022-0025.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2022-0025.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220602-0009","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220602-0009"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220602-0009/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220602-0009/"},{"reference_url":"https://www.openssl.org/news/secadv/20220503.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/"}],"url":"https://www.openssl.org/news/secadv/20220503.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2087913","reference_id":"2087913","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2087913"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1473","reference_id":"CVE-2022-1473","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1473"},{"reference_url":"https://github.com/advisories/GHSA-g323-fr93-4j3c","reference_id":"GHSA-g323-fr93-4j3c","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-g323-fr93-4j3c"},{"reference_url":"https://security.gentoo.org/glsa/202210-02","reference_id":"GLSA-202210-02","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/"}],"url":"https://security.gentoo.org/glsa/202210-02"},{"reference_url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=64c85430f95200b6b51fe9475bd5203f7c19daf1","reference_id":"?p=openssl.git%3Ba=commitdiff%3Bh=64c85430f95200b6b51fe9475bd5203f7c19daf1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/"}],"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=64c85430f95200b6b51fe9475bd5203f7c19daf1"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6224","reference_id":"RHSA-2022:6224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6224"},{"reference_url":"https://usn.ubuntu.com/5402-1/","reference_id":"USN-5402-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5402-1/"},{"reference_url":"https://usn.ubuntu.com/5402-2/","reference_id":"USN-5402-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5402-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933976?format=json","purl":"pkg:deb/debian/openssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933951?format=json","purl":"pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-8gde-1md7-5yak"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933949?format=json","purl":"pkg:deb/debian/openssl@3.0.18-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8gde-1md7-5yak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.18-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933953?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7f9q-mhsr-8bfq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933952?format=json","purl":"pkg:deb/debian/openssl@3.6.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74wu-sup9-cybb"},{"vulnerability":"VCID-7f9q-mhsr-8bfq"},{"vulnerability":"VCID-87vs-4p6w-xbgq"},{"vulnerability":"VCID-cef8-2p5t-bff7"},{"vulnerability":"VCID-f2na-rtsu-ffad"},{"vulnerability":"VCID-hgvf-vxhr-cye8"},{"vulnerability":"VCID-wuwm-ksb1-6qd5"},{"vulnerability":"VCID-zkc9-huk8-27bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062518?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-1473","GHSA-g323-fr93-4j3c"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zhwv-pq2x-8bey"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"}