{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","type":"deb","namespace":"debian","name":"wolfssl","version":"4.6.0+p1-0+deb11u2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"5.0.0-1","latest_non_vulnerable_version":"5.9.0-0.2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96335?format=json","vulnerability_id":"VCID-1u3q-52yd-1bhe","summary":"In function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the function X509_check_host() takes in a pointer and length to check against, with no requirements that it be NULL terminated. If a caller was attempting to do a name check on a non-NULL terminated buffer, the code would read beyond the bounds of the input array until it found a NULL terminator.This issue affects wolfSSL: through 5.7.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5991","reference_id":"","reference_type":"","scores":[{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29455","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29552","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29507","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29577","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29626","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29448","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.2951","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.2955","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5991"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081788","reference_id":"1081788","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081788"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942912?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2024-5991"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1u3q-52yd-1bhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95892?format=json","vulnerability_id":"VCID-24s5-d6jt-4kfe","summary":"In wolfSSL prior to 5.6.6, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS client or network attacker can trigger a buffer over-read on the heap of 5 bytes (WOLFSSL_CALLBACKS is only intended for debugging).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6936","reference_id":"","reference_type":"","scores":[{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50814","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50799","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50795","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50838","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50761","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50786","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50743","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6936"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6936","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6936"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059357","reference_id":"1059357","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059357"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/6949/","reference_id":"6949","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-27T14:22:41Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/6949/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942910?format=json","purl":"pkg:deb/debian/wolfssl@5.6.6-1.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.6.6-1.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2023-6936"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-24s5-d6jt-4kfe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97095?format=json","vulnerability_id":"VCID-2ry7-trrg-gfdk","summary":"Out-of-bounds read in ALPN parsing due to incomplete validation. wolfSSL 5.8.4 and earlier contained an out-of-bounds read in ALPN handling when built with ALPN enabled (HAVE_ALPN / --enable-alpn). A crafted ALPN protocol list could trigger an out-of-bounds read, leading to a potential process crash (denial of service). Note that ALPN is disabled by default, but is enabled for these 3rd party compatibility features: enable-apachehttpd, enable-bind, enable-curl, enable-haproxy, enable-hitch, enable-lighty, enable-jni, enable-nginx, enable-quic.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3547","reference_id":"","reference_type":"","scores":[{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14188","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14244","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14329","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14393","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.142","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14282","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14336","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3547"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9859","reference_id":"9859","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-21T03:33:12Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9859"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942915?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2026-3547"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2ry7-trrg-gfdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95932?format=json","vulnerability_id":"VCID-47nm-nte5-27fm","summary":"Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the RsaKey structure.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1545","reference_id":"","reference_type":"","scores":[{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46028","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.45972","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46027","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46048","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.4602","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46003","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46024","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1545"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/7167","reference_id":"7167","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-30T14:19:14Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/7167"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable","reference_id":"v5.7.0-stable","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-30T14:19:14Z/"}],"url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942911?format=json","purl":"pkg:deb/debian/wolfssl@5.7.0-0.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.0-0.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2024-1545"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-47nm-nte5-27fm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97098?format=json","vulnerability_id":"VCID-4zda-zrq6-hbc8","summary":"wolfSSL 5.8.4 on RISC-V RV32I architectures lacks a constant-time software implementation for 64-bit multiplication. The compiler-inserted __muldi3 subroutine executes in variable time based on operand values. This affects multiple SP math functions (sp_256_mul_9, sp_256_sqr_9, etc.), leading to a timing side-channel that may expose sensitive cryptographic data.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3579","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.0865","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08686","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08618","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08669","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08589","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08663","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08687","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3579"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9855","reference_id":"9855","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T01:36:44Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9855"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942915?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2026-3579"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4zda-zrq6-hbc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95239?format=json","vulnerability_id":"VCID-6n4g-us9a-53g4","summary":"An issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client connects to a wolfSSL server and SSL_clear is called on its session, the server crashes with a segmentation fault. This occurs in the second session, which is created through TLS session resumption and reuses the initial struct WOLFSSL. If the server reuses the previous session structure (struct WOLFSSL) by calling wolfSSL_clear(WOLFSSL* ssl) on it, the next received Client Hello (that resumes the previous session) crashes the server. Note that this bug is only triggered when resuming sessions using TLS session resumption. Only servers that use wolfSSL_clear instead of the recommended SSL_free; SSL_new sequence are affected. Furthermore, wolfSSL_clear is part of wolfSSL's compatibility layer and is not enabled by default. It is not part of wolfSSL's native API.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38152","reference_id":"","reference_type":"","scores":[{"value":"0.02711","scoring_system":"epss","scoring_elements":"0.85849","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02711","scoring_system":"epss","scoring_elements":"0.85867","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02711","scoring_system":"epss","scoring_elements":"0.85871","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02711","scoring_system":"epss","scoring_elements":"0.85889","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02711","scoring_system":"epss","scoring_elements":"0.85899","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02711","scoring_system":"epss","scoring_elements":"0.85914","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02711","scoring_system":"epss","scoring_elements":"0.85911","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02711","scoring_system":"epss","scoring_elements":"0.85906","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38152"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38152","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38152"},{"reference_url":"https://github.com/tlspuffin/tlspuffin","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/tlspuffin/tlspuffin"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/5468","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/pull/5468"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/releases"},{"reference_url":"https://www.wolfssl.com/docs/security-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"https://www.wolfssl.com/docs/security-vulnerabilities/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021021","reference_id":"1021021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021021"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-38152","reference_id":"CVE-2022-38152","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-38152"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942907?format=json","purl":"pkg:deb/debian/wolfssl@5.5.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2022-38152"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6n4g-us9a-53g4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97034?format=json","vulnerability_id":"VCID-6v8z-cfax-zqbh","summary":"In wolfSSL 5.8.2 and earlier, a logic flaw existed in the TLS 1.2 server state machine implementation. The server could incorrectly accept the CertificateVerify message before the ClientKeyExchange message had been received. This issue affects wolfSSL before 5.8.4 (wolfSSL 5.8.2 and earlier is vulnerable, 5.8.4 is not vulnerable). In 5.8.4 wolfSSL would detect the issue later in the handshake. 5.9.0 was further hardened to catch the issue earlier in the handshake.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2645","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08122","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08138","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08087","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0813","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08081","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08143","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08165","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08157","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2645"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2645","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2645"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9694","reference_id":"9694","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:45:34Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942915?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2026-2645"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6v8z-cfax-zqbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95930?format=json","vulnerability_id":"VCID-7xbp-qkvv-bqgm","summary":"The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against a side-channel attacker with cache-line resolution. In a controlled environment such as Intel SGX, an attacker can gain a per instruction sub-cache-line resolution allowing them to break the cache-line-level protection. For details on the attack refer to:  https://doi.org/10.46586/tches.v2024.i1.457-500","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1543","reference_id":"","reference_type":"","scores":[{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.1236","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.1244","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12401","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12455","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12499","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12304","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12383","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12434","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1543"},{"reference_url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-566-dec-19-2023","reference_id":"ChangeLog.md#wolfssl-release-566-dec-19-2023","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-30T14:19:28Z/"}],"url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-566-dec-19-2023"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942910?format=json","purl":"pkg:deb/debian/wolfssl@5.6.6-1.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.6.6-1.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2024-1543"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7xbp-qkvv-bqgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96470?format=json","vulnerability_id":"VCID-8735-ectc-j7a3","summary":"With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is supported, rather than those in the CertificateRequest.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-12889","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03507","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03533","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03556","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0357","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03581","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03583","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03605","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03562","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-12889"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12889","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12889"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121205","reference_id":"1121205","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121205"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9395","reference_id":"9395","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T16:15:50Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9395"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942913?format=json","purl":"pkg:deb/debian/wolfssl@5.8.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.8.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2025-12889"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8735-ectc-j7a3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96332?format=json","vulnerability_id":"VCID-9hdy-aqa2-w3bd","summary":"A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello.  https://doi.org/10.46586/tches.v2024.i1.457-500","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5814","reference_id":"","reference_type":"","scores":[{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44454","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.4447","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44486","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44455","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44476","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44412","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44463","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5814"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081791","reference_id":"1081791","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081791"},{"reference_url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#add_later","reference_id":"ChangeLog.md#add_later","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y/V:D/RE:M/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-27T19:18:34Z/"}],"url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#add_later"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942912?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2024-5814"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9hdy-aqa2-w3bd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96986?format=json","vulnerability_id":"VCID-9jpj-dfsf-qkce","summary":"Integer underflow in wolfSSL packet sniffer <= 5.8.4 allows an attacker to cause a buffer overflow in the AEAD decryption path by injecting a TLS record shorter than the explicit IV plus authentication tag into traffic inspected by ssl_DecodePacket. The underflow wraps a 16-bit length to a large value that is passed to AEAD decryption routines, causing heap buffer overflow and a crash. An unauthenticated attacker can trigger this remotely via malformed TLS Application Data records.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-1005","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19928","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23922","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23985","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23941","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.24073","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23856","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.24035","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23968","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-1005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1005"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9571","reference_id":"9571","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:19:54Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9571"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942915?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2026-1005"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9jpj-dfsf-qkce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97093?format=json","vulnerability_id":"VCID-9jw2-3v9v-ruap","summary":"Protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during Keccak-based expansion.     This issue affects wolfSSL (wolfCrypt): commit hash d86575c766e6e67ef93545fa69c04d6eb49400c6.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3503","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0659","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06599","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06492","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0653","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0652","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0657","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06614","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06607","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3503"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9734","reference_id":"9734","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N/U:Amber"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T19:24:29Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9734"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942915?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2026-3503"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9jw2-3v9v-ruap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96480?format=json","vulnerability_id":"VCID-9kev-ferz-5bhr","summary":"Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into non-constant-time binary by LLVM optimizations, which can potentially result in observable timing discrepancies and lead to information disclosure through timing side-channel attacks.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13912","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05169","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05219","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05252","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05271","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05239","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05197","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06981","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06986","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13912"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9148","reference_id":"9148","reference_type":"","scores":[{"value":"1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-11T19:19:06Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9148"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942913?format=json","purl":"pkg:deb/debian/wolfssl@5.8.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.8.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2025-13912"],"risk_score":0.5,"exploitability":"0.5","weighted_severity":"0.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9kev-ferz-5bhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97097?format=json","vulnerability_id":"VCID-9x14-2t7m-1kbm","summary":"Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic when calculating a buffer length, which resulted in writing beyond the bounds of an allocated buffer. Note that in wolfSSL, ECH is off by default, and the ECH standard is still evolving.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3549","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20793","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20845","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20959","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.21017","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20734","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20812","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20873","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20889","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3549"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3549","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3549"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9817","reference_id":"9817","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:L/SI:L/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-24T01:37:47Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9817"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942915?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2026-3549"],"risk_score":3.8,"exploitability":"0.5","weighted_severity":"7.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9x14-2t7m-1kbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95185?format=json","vulnerability_id":"VCID-cum2-vp1j-syfc","summary":"wolfSSL before 5.4.0 allows remote attackers to cause a denial of service via DTLS because a check for return-routability can be skipped.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34293","reference_id":"","reference_type":"","scores":[{"value":"0.00962","scoring_system":"epss","scoring_elements":"0.76437","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00962","scoring_system":"epss","scoring_elements":"0.76466","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00962","scoring_system":"epss","scoring_elements":"0.76448","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00962","scoring_system":"epss","scoring_elements":"0.7648","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00962","scoring_system":"epss","scoring_elements":"0.76494","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00962","scoring_system":"epss","scoring_elements":"0.7652","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00962","scoring_system":"epss","scoring_elements":"0.76499","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00962","scoring_system":"epss","scoring_elements":"0.76493","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34293"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.4.0-stable","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.4.0-stable"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/08/08/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2022/08/08/6"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016981","reference_id":"1016981","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016981"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34293","reference_id":"CVE-2022-34293","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34293"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942907?format=json","purl":"pkg:deb/debian/wolfssl@5.5.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2022-34293"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cum2-vp1j-syfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96451?format=json","vulnerability_id":"VCID-cxhw-3w24-dkes","summary":"The server previously verified the TLS 1.3 PSK binder using a non-constant time method which could potentially leak information about the PSK binder","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11932","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02488","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.0249","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02486","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02499","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02502","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02523","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.025","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11932"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121197","reference_id":"1121197","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121197"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9223","reference_id":"9223","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T16:17:20Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9223"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942913?format=json","purl":"pkg:deb/debian/wolfssl@5.8.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.8.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2025-11932"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cxhw-3w24-dkes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95931?format=json","vulnerability_id":"VCID-dpu2-4w42-kygw","summary":"Generating the ECDSA nonce k samples a random number r and then  truncates this randomness with a modular reduction mod n where n is the  order of the elliptic curve. Meaning k = r mod n. The division used  during the reduction estimates a factor q_e by dividing the upper two  digits (a digit having e.g. a size of 8 byte) of r by the upper digit of  n and then decrements q_e in a loop until it has the correct size.  Observing the number of times q_e is decremented through a control-flow  revealing side-channel reveals a bias in the most significant bits of  k. Depending on the curve this is either a negligible bias or a  significant bias large enough to reconstruct k with lattice reduction  methods. For SECP160R1, e.g., we find a bias of 15 bits.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1544","reference_id":"","reference_type":"","scores":[{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22763","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22783","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22835","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22857","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22819","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22871","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22916","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22708","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1544"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081789","reference_id":"1081789","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081789"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/7020","reference_id":"7020","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-27T19:14:00Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/7020"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable","reference_id":"v5.7.2-stable","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-27T19:14:00Z/"}],"url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942912?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2024-1544"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dpu2-4w42-kygw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96049?format=json","vulnerability_id":"VCID-euma-vgqx-sbau","summary":"Fault Injection vulnerability in wc_ed25519_sign_msg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the ed25519_key structure.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2881","reference_id":"","reference_type":"","scores":[{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61452","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61484","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.6147","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61402","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.6143","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.614","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61446","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61462","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2881"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2881","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2881"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable","reference_id":"v5.7.0-stable","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-30T14:18:26Z/"}],"url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942911?format=json","purl":"pkg:deb/debian/wolfssl@5.7.0-0.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.0-0.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2024-2881"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-euma-vgqx-sbau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96935?format=json","vulnerability_id":"VCID-f4gq-hqcp-dqe2","summary":"In the OpenSSL compatibility layer implementation, the function RAND_poll() was not behaving as expected and leading to the potential for predictable values returned from RAND_bytes() after fork() is called. This can lead to weak or predictable random numbers generated in applications that are both using RAND_bytes() and doing fork() operations. This only affects applications explicitly calling RAND_bytes() after fork() and does not affect any internal TLS operations. Although RAND_bytes() documentation in OpenSSL calls out not being safe for use with fork() without first calling RAND_poll(), an additional code change was also made in wolfSSL to make RAND_bytes() behave similar to OpenSSL after a fork() call without calling RAND_poll(). Now the Hash-DRBG used gets reseeded after detecting running in a new process. If making use of RAND_bytes() and calling fork() we recommend updating to the latest version of wolfSSL. Thanks to Per Allansson from Appgate for the report.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7394","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16926","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21509","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21536","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21644","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21398","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21547","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.2322","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7394"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7394","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7394"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109549","reference_id":"1109549","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109549"},{"reference_url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-582-july-17-2025","reference_id":"ChangeLog.md#wolfssl-release-582-july-17-2025","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-21T15:00:11Z/"}],"url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-582-july-17-2025"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942914?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2025-7394"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f4gq-hqcp-dqe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97112?format=json","vulnerability_id":"VCID-f57c-kamk-3bct","summary":"1-byte OOB heap read in wc_PKCS7_DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte out-of-bounds heap read in wc_PKCS7_DecodeEnvelopedData could be triggered by a crafted CMS EnvelopedData message with zero-length encrypted content. Note that PKCS7 support is disabled by default.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4159","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.04924","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.04942","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.04883","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.04908","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.04927","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.04963","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.04979","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.04961","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4159"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4159","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4159"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9945","reference_id":"9945","reference_type":"","scores":[{"value":"1.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T16:28:57Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9945"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942915?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2026-4159"],"risk_score":0.6,"exploitability":"0.5","weighted_severity":"1.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f57c-kamk-3bct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97096?format=json","vulnerability_id":"VCID-fmtp-x6y7-83g1","summary":"Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string, and a stack-based overflow for sufficiently sized CRL numbers. With appropriately crafted CRLs, either of these out of bound writes could be triggered. Note this only affects builds that specifically enable CRL support, and the user would need to load a CRL from an untrusted source.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3548","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05491","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05537","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05511","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05498","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05441","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05475","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05479","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05516","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3548"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3548"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9628/","reference_id":"9628","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-19T18:00:17Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9628/"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9873/","reference_id":"9873","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-19T18:00:17Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9873/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942915?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2026-3548"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fmtp-x6y7-83g1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96454?format=json","vulnerability_id":"VCID-gcfd-w8je-kqfm","summary":"With TLS 1.3 pre-shared key (PSK) a malicious or faulty server could ignore the request for PFS (perfect forward secrecy) and the client would continue on with the connection using PSK without PFS. This happened when a server responded to a ClientHello containing psk_dhe_ke without a key_share extension. The re-use of an authenticated PSK connection that on the clients side unexpectedly did not have PFS, reduces the security of the connection.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11935","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01402","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01415","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01408","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01401","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01399","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01404","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01409","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01414","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11935"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121200","reference_id":"1121200","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121200"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9112","reference_id":"9112","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-25T18:43:57Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9112"},{"reference_url":"https://github.com/wolfSSL/wolfssl","reference_id":"wolfssl","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-25T18:43:57Z/"}],"url":"https://github.com/wolfSSL/wolfssl"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942913?format=json","purl":"pkg:deb/debian/wolfssl@5.8.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.8.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2025-11935"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gcfd-w8je-kqfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96453?format=json","vulnerability_id":"VCID-gdur-h588-vbb6","summary":"Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows for downgrading the signature algorithm used. For example when a client sends ECDSA P521 as the supported signature algorithm the server previously could respond as ECDSA P256 being the accepted signature algorithm and the connection would continue with using ECDSA P256, if the client supports ECDSA P256.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11934","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03058","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03131","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03094","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.0307","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03087","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03101","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03102","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03107","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11934"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121199","reference_id":"1121199","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121199"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9113","reference_id":"9113","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T16:22:47Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9113"},{"reference_url":"https://github.com/wolfSSL/wolfssl","reference_id":"wolfssl","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T16:22:47Z/"}],"url":"https://github.com/wolfSSL/wolfssl"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942913?format=json","purl":"pkg:deb/debian/wolfssl@5.8.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.8.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2025-11934"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gdur-h588-vbb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97101?format=json","vulnerability_id":"VCID-gmdj-a1ys-tqc2","summary":"Stack Buffer Overflow in wc_HpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH (Encrypted Client Hello) support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client side, leading to potential remote execution and client program crash. This could be exploited by a malicious TLS server supporting ECH. Note that ECH is off by default, and is only enabled with enable-ech.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3849","reference_id":"","reference_type":"","scores":[{"value":"0.00199","scoring_system":"epss","scoring_elements":"0.4197","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00199","scoring_system":"epss","scoring_elements":"0.41984","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00199","scoring_system":"epss","scoring_elements":"0.41985","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00199","scoring_system":"epss","scoring_elements":"0.42012","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00199","scoring_system":"epss","scoring_elements":"0.41938","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00199","scoring_system":"epss","scoring_elements":"0.41989","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00199","scoring_system":"epss","scoring_elements":"0.42","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00199","scoring_system":"epss","scoring_elements":"0.42022","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3849"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3849","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3849"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9737","reference_id":"9737","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/V:D/RE:M/U:Amber"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T14:21:05Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9737"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942915?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2026-3849"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gmdj-a1ys-tqc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96982?format=json","vulnerability_id":"VCID-h6na-nxxq-5yg9","summary":"A stack buffer overflow vulnerability exists in wolfSSL's PKCS7 SignedData encoding functionality. In wc_PKCS7_BuildSignedAttributes(), when adding custom signed attributes, the code passes an incorrect capacity value (esd->signedAttribsCount) to EncodeAttributes() instead of the remaining available space in the fixed-size signedAttribs[7] array. When an application sets pkcs7->signedAttribsSz to a value greater than MAX_SIGNED_ATTRIBS_SZ (default 7) minus the number of default attributes already added, EncodeAttributes() writes beyond the array bounds, causing stack memory corruption. In WOLFSSL_SMALL_STACK builds, this becomes heap corruption. Exploitation requires an application that allows untrusted input to control the signedAttribs array size when calling wc_PKCS7_EncodeSignedData() or related signing functions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0819","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05944","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05953","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05879","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05912","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05904","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05942","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05981","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05962","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0819"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9630","reference_id":"9630","reference_type":"","scores":[{"value":"2.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-19T17:19:26Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9630"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942915?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2026-0819"],"risk_score":1.0,"exploitability":"0.5","weighted_severity":"2.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h6na-nxxq-5yg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96469?format=json","vulnerability_id":"VCID-hk8r-kk4v-1fa7","summary":"Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of X25519, which is now turned on as the default for Xtensa.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-12888","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04815","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04836","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04786","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04809","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04826","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04864","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04881","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04859","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-12888"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12888","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12888"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121204","reference_id":"1121204","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121204"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942913?format=json","purl":"pkg:deb/debian/wolfssl@5.8.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.8.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2025-12888"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hk8r-kk4v-1fa7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97114?format=json","vulnerability_id":"VCID-jxf4-y1au-5bhw","summary":"Heap-based buffer overflow in the KCAPI ECC code path of wc_ecc_import_x963_ex() in wolfSSL wolfcrypt allows a remote attacker to write attacker-controlled data past the bounds of the pubkey_raw buffer via a crafted oversized EC public key point. The WOLFSSL_KCAPI_ECC code path copies the input to key->pubkey_raw (132 bytes) using XMEMCPY without a bounds check, unlike the ATECC code path which includes a length validation. This can be triggered during TLS key exchange when a malicious peer sends a crafted ECPoint in ServerKeyExchange.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4395","reference_id":"","reference_type":"","scores":[{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31928","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31962","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.32057","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.32097","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31919","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31971","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.32","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.32003","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4395"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4395","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4395"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9988","reference_id":"9988","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/AU:Y/R:U/V:D/RE:L/U:Amber"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T17:09:25Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9988"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942915?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2026-4395"],"risk_score":0.6,"exploitability":"0.5","weighted_severity":"1.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jxf4-y1au-5bhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96450?format=json","vulnerability_id":"VCID-khur-3ax7-9fhb","summary":"Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wc_XChaCha20Poly1305_Decrypt() which is not used with TLS connections, only from direct calls from an application.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11931","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05616","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05622","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0556","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05598","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05594","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05633","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05658","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05631","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11931"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11931","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11931"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121196","reference_id":"1121196","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121196"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9223","reference_id":"9223","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T15:41:59Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9223"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942913?format=json","purl":"pkg:deb/debian/wolfssl@5.8.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.8.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2025-11931"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-khur-3ax7-9fhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97099?format=json","vulnerability_id":"VCID-n64w-nq6a-m7bv","summary":"In wolfSSL 5.8.4, constant-time masking logic in sp_256_get_entry_256_9 is optimized into conditional branches (bnez) by GCC when targeting RISC-V RV32I with -O3. This transformation breaks the side-channel resistance of ECC scalar multiplication, potentially allowing a local attacker to recover secret keys via timing analysis.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3580","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02053","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02057","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02074","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0208","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02075","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02077","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02094","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02072","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3580"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3580","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3580"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9855","reference_id":"9855","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T20:25:11Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9855"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942915?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2026-3580"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n64w-nq6a-m7bv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96452?format=json","vulnerability_id":"VCID-njbj-f91t-b7f4","summary":"Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on multiple platforms allows a remote unauthenticated attacker to potentially cause a denial-of-service via a crafted ClientHello message with duplicate CKS extensions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11933","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17545","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17626","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17644","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17598","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17708","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17755","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17476","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17566","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11933"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11933","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11933"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121198","reference_id":"1121198","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121198"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9132","reference_id":"9132","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T16:20:56Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9132"},{"reference_url":"https://github.com/wolfSSL/wolfssl","reference_id":"wolfssl","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T16:20:56Z/"}],"url":"https://github.com/wolfSSL/wolfssl"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942913?format=json","purl":"pkg:deb/debian/wolfssl@5.8.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.8.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2025-11933"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-njbj-f91t-b7f4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95914?format=json","vulnerability_id":"VCID-su8x-6n42-n3d5","summary":"Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an out of bounds read via sending a malformed packet with the correct length.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0901","reference_id":"","reference_type":"","scores":[{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46184","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46178","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46206","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46183","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.4616","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.4618","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46128","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53794","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0901"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067799","reference_id":"1067799","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067799"},{"reference_url":"https://github.com/wolfSSL/wolfssl/issues/7089","reference_id":"7089","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T18:38:31Z/"}],"url":"https://github.com/wolfSSL/wolfssl/issues/7089"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/7099","reference_id":"7099","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T18:38:31Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/7099"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942911?format=json","purl":"pkg:deb/debian/wolfssl@5.7.0-0.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.0-0.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2024-0901"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-su8x-6n42-n3d5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95893?format=json","vulnerability_id":"VCID-u24a-2khf-uyba","summary":"wolfSSL prior to 5.6.6 did not check that messages in one (D)TLS record do not span key boundaries. As a result, it was possible to combine (D)TLS messages using different keys into one (D)TLS record. The most extreme edge case is that, in (D)TLS 1.3, it was possible that an unencrypted (D)TLS 1.3 record from the server containing first a ServerHello message and then the rest of the first server flight would be accepted by a wolfSSL client. In (D)TLS 1.3 the handshake is encrypted after the ServerHello but a wolfSSL client would accept an unencrypted flight from the server. This does not compromise key negotiation and authentication so it is assigned a low severity rating.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6937","reference_id":"","reference_type":"","scores":[{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63284","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63265","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63283","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.633","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63219","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63248","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63214","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6937"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059357","reference_id":"1059357","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059357"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/7029","reference_id":"7029","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-24T15:13:21Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/7029"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942910?format=json","purl":"pkg:deb/debian/wolfssl@5.6.6-1.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.6.6-1.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2023-6937"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u24a-2khf-uyba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97068?format=json","vulnerability_id":"VCID-uvht-9bt9-hfbb","summary":"Missing required cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in wolfSSL could lead to a compromise in the confidentiality of TLS-protected communications via a crafted HelloRetryRequest followed by a ServerHello message that omits the required key_share extension, resulting in derivation of predictable traffic secrets from (EC)DHE shared secret. This issue does not affect the client's authentication of the server during TLS handshakes.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3230","reference_id":"","reference_type":"","scores":[{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.1932","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19221","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19227","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.1918","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19372","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19088","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19168","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20036","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3230"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3230","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3230"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9754","reference_id":"9754","reference_type":"","scores":[{"value":"1.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/AU:Y/R:A/V:D/U:Clear"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T17:08:54Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9754"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942915?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2026-3230"],"risk_score":0.6,"exploitability":"0.5","weighted_severity":"1.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uvht-9bt9-hfbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97067?format=json","vulnerability_id":"VCID-v3m6-zajw-bfhb","summary":"An integer overflow vulnerability existed in the static function wolfssl_add_to_chain, that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssl_add_to_chain is called by these API: wolfSSL_CTX_add_extra_chain_cert, wolfSSL_CTX_add1_chain_cert, wolfSSL_add0_chain_cert. These API are enabled for 3rd party compatibility features: enable-opensslall, enable-opensslextra, enable-lighty, enable-stunnel, enable-nginx, enable-haproxy. This issue is not remotely exploitable, and would require that the application context loading certificates is compromised.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3229","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02064","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02069","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02087","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02094","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02088","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02089","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02107","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02084","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3229","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3229"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9827","reference_id":"9827","reference_type":"","scores":[{"value":"1.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T16:29:39Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9827"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942915?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2026-3229"],"risk_score":0.6,"exploitability":"0.5","weighted_severity":"1.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v3m6-zajw-bfhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96263?format=json","vulnerability_id":"VCID-xfgd-4hs3-vygk","summary":"An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSL_CHECK_SIG_FAULTS is used in signing operations with private ECC keys,  such as in server-side TLS connections, the connection is halted if any fault occurs. The success rate in a certain amount of connection requests can be processed via an advanced technique for ECDSA key recovery.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5288","reference_id":"","reference_type":"","scores":[{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.2514","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25235","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25193","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25289","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.2533","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25107","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25176","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25221","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5288"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5288","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5288"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081790","reference_id":"1081790","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081790"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable","reference_id":"v5.7.2-stable","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-27T19:22:54Z/"}],"url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942912?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2024-5288"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xfgd-4hs3-vygk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97035?format=json","vulnerability_id":"VCID-xuyn-pjpb-g7du","summary":"A heap-buffer-overflow vulnerability exists in wolfSSL's wolfSSL_d2i_SSL_SESSION() function. When deserializing session data with SESSION_CERTS enabled, certificate and session id lengths are read from an untrusted input without bounds validation, allowing an attacker to overflow fixed-size buffers and corrupt heap memory. A maliciously crafted session would need to be loaded from an external source to trigger this vulnerability. Internal sessions were not vulnerable.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2646","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02148","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02189","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02166","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02151","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02167","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02172","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02168","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2646"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2646","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2646"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9748","reference_id":"9748","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:43:50Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9748"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9949","reference_id":"9949","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:43:50Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9949"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942915?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2026-2646"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xuyn-pjpb-g7du"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96455?format=json","vulnerability_id":"VCID-xxkx-w5pc-5uap","summary":"Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cause a denial-of-service by sending a crafted ClientHello message containing duplicate KeyShareEntry values for the same supported group, leading to excessive CPU and memory consumption during ClientHello processing.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11936","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13366","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13473","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13447","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13412","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13483","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13544","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.1334","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13423","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11936"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11936","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11936"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121202","reference_id":"1121202","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121202"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/9117","reference_id":"9117","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T16:19:13Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/9117"},{"reference_url":"https://github.com/wolfSSL/wolfssl","reference_id":"wolfssl","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T16:19:13Z/"}],"url":"https://github.com/wolfSSL/wolfssl"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942913?format=json","purl":"pkg:deb/debian/wolfssl@5.8.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.8.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2025-11936"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xxkx-w5pc-5uap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95891?format=json","vulnerability_id":"VCID-zhf4-y8v8-gubn","summary":"wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, new variation of a timing Bleichenbacher style attack, when built with the following options to configure:  --enable-all CFLAGS=\"-DWOLFSSL_STATIC_RSA\"  The define “WOLFSSL_STATIC_RSA” enables static RSA cipher suites, which is not recommended, and has been disabled by default since wolfSSL 3.6.6.  Therefore the default build since 3.6.6, even with \"--enable-all\", is not vulnerable to the Marvin Attack. The vulnerability is specific to static RSA cipher suites, and expected to be padding-independent.  The vulnerability allows an attacker to decrypt ciphertexts and forge signatures after probing with a large number of test observations. However the server’s private key is not exposed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6935","reference_id":"","reference_type":"","scores":[{"value":"0.00315","scoring_system":"epss","scoring_elements":"0.54604","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00315","scoring_system":"epss","scoring_elements":"0.54592","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00315","scoring_system":"epss","scoring_elements":"0.54635","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00315","scoring_system":"epss","scoring_elements":"0.5463","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00315","scoring_system":"epss","scoring_elements":"0.54643","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00315","scoring_system":"epss","scoring_elements":"0.54626","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00315","scoring_system":"epss","scoring_elements":"0.54615","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00315","scoring_system":"epss","scoring_elements":"0.54584","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6935"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059357","reference_id":"1059357","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059357"},{"reference_url":"https://people.redhat.com/~hkario/marvin/","reference_id":"marvin","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-12T12:48:11Z/"}],"url":"https://people.redhat.com/~hkario/marvin/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942910?format=json","purl":"pkg:deb/debian/wolfssl@5.6.6-1.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.6.6-1.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2023-6935"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zhf4-y8v8-gubn"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58737?format=json","vulnerability_id":"VCID-15fc-qcja-yfh6","summary":"wolfCrypt leaks cryptographic information via timing side channel\nwolfSSL and wolfCrypt 4.0.0 and earlier (when configured without `--enable-fpecc`, `--enable-sp`, or` --enable-sp-math`) contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to precisely measure the duration of signature operations, to infer information about the nonces used and potentially mount a lattice attack to recover the private key used. The issue occurs because ecc.c scalar multiplication might leak the bit length.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13628","reference_id":"","reference_type":"","scores":[{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34853","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34825","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34848","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34882","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34808","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34902","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34929","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34687","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34886","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13628"},{"reference_url":"https://eprint.iacr.org/2011/232.pdf","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://eprint.iacr.org/2011/232.pdf"},{"reference_url":"https://github.com/wolfSSL/wolfcrypt-py","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/wolfSSL/wolfcrypt-py"},{"reference_url":"https://minerva.crocs.fi.muni.cz","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://minerva.crocs.fi.muni.cz"},{"reference_url":"https://minerva.crocs.fi.muni.cz/","reference_id":"","reference_type":"","scores":[],"url":"https://minerva.crocs.fi.muni.cz/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-13628","reference_id":"","reference_type":"","scores":[{"value":"1.2","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:N/C:P/I:N/A:N"},{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-13628"},{"reference_url":"https://tches.iacr.org/index.php/TCHES/article/view/7337","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tches.iacr.org/index.php/TCHES/article/view/7337"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/10/02/2","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2019/10/02/2"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-q95h-vc86-hv77","reference_id":"GHSA-q95h-vc86-hv77","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q95h-vc86-hv77"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942894?format=json","purl":"pkg:deb/debian/wolfssl@4.1.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.1.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2019-13628","GHSA-q95h-vc86-hv77"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-15fc-qcja-yfh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/340171?format=json","vulnerability_id":"VCID-17td-zhva-7fc1","summary":"A certificate verification error in wolfSSL when building with the WOLFSSL_SYS_CA_CERTS and WOLFSSL_APPLE_NATIVE_CERT_VALIDATION options results in the wolfSSL\n client failing to properly verify the server certificate's domain name,\n allowing any certificate issued by a trusted CA to be accepted regardless of the hostname.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7395","reference_id":"","reference_type":"","scores":[{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1331","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16697","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16675","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16635","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16645","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.1677","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.1656","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17004","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7395"},{"reference_url":"http://github.com/wolfssl/wolfssl.git","reference_id":"wolfssl.git","reference_type":"","scores":[{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/AU:Y/V:D/U:Red"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-21T14:56:37Z/"}],"url":"http://github.com/wolfssl/wolfssl.git"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942888?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2025-7395"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-17td-zhva-7fc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54392?format=json","vulnerability_id":"VCID-1uk4-yg8u-kyck","summary":"security update","references":[{"reference_url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698","reference_id":"","reference_type":"","scores":[],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6491.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6491.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6491","reference_id":"","reference_type":"","scores":[{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84618","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.8454","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84555","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84577","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.8458","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84602","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84608","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84628","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84623","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559"},{"reference_url":"http://secunia.com/advisories/61579","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61579"},{"reference_url":"http://secunia.com/advisories/62073","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62073"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201411-02.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201411-02.xml"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"},{"reference_url":"http://www.securityfocus.com/bid/70444","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/70444"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153483","reference_id":"1153483","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153483"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-6491","reference_id":"CVE-2014-6491","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-6491"},{"reference_url":"https://security.gentoo.org/glsa/201411-02","reference_id":"GLSA-201411-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-02"},{"reference_url":"https://usn.ubuntu.com/2384-1/","reference_id":"USN-2384-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2384-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942888?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2014-6491"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1uk4-yg8u-kyck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95002?format=json","vulnerability_id":"VCID-3774-6bd4-8qcs","summary":"wolfSSL through 5.0.0 allows an attacker to cause a denial of service and infinite loop in the client component by sending crafted traffic from a Machine-in-the-Middle (MITM) position. The root cause is that the client module accepts TLS messages that normally are only sent to TLS servers.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44718","reference_id":"","reference_type":"","scores":[{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42779","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42849","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42877","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42816","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42867","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.4288","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42901","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42866","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44718"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44718","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44718"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/releases"},{"reference_url":"https://www.wolfssl.com/docs/security-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"https://www.wolfssl.com/docs/security-vulnerabilities/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44718","reference_id":"CVE-2021-44718","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44718"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942904?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942905?format=json","purl":"pkg:deb/debian/wolfssl@5.1.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.1.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2021-44718"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3774-6bd4-8qcs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94495?format=json","vulnerability_id":"VCID-3tpe-fc34-f7c2","summary":"An issue was discovered in the DTLS handshake implementation in wolfSSL before 4.5.0. Clear DTLS application_data messages in epoch 0 do not produce an out-of-order error. Instead, these messages are returned to the application.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24585","reference_id":"","reference_type":"","scores":[{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46691","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.4673","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46749","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46697","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46752","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46751","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46774","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46746","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46754","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24585"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24585","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24585"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969663","reference_id":"969663","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969663"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24585","reference_id":"CVE-2020-24585","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24585"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942900?format=json","purl":"pkg:deb/debian/wolfssl@4.5.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.5.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2020-24585"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3tpe-fc34-f7c2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94048?format=json","vulnerability_id":"VCID-4h67-zsu4-c7dp","summary":"wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCertExtensions in wolfcrypt/src/asn.c because reading the ASN_BOOLEAN byte is mishandled for a crafted DER certificate in GetLength_ex.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15651","reference_id":"","reference_type":"","scores":[{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45226","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45224","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45135","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45216","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45238","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45181","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45236","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45257","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15651"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15651"},{"reference_url":"https://github.com/wolfSSL/wolfssl/issues/2421","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/issues/2421"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:4.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wolfssl:wolfssl:4.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:4.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-15651","reference_id":"CVE-2019-15651","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-15651"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942896?format=json","purl":"pkg:deb/debian/wolfssl@4.1.0%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.1.0%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2019-15651"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4h67-zsu4-c7dp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94496?format=json","vulnerability_id":"VCID-4sc5-xnae-93ff","summary":"wolfSSL before 4.5.0 mishandles TLS 1.3 server data in the WAIT_CERT_CR state, within SanityCheckTls13MsgReceived() in tls13.c. This is an incorrect implementation of the TLS 1.3 client state machine. This allows attackers in a privileged network position to completely impersonate any TLS 1.3 servers, and read or modify potentially sensitive information between clients using the wolfSSL library and these TLS servers.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24613","reference_id":"","reference_type":"","scores":[{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.4912","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49153","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49181","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49133","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49187","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49184","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49201","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49174","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.4918","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24613"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24613","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24613"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969663","reference_id":"969663","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969663"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24613","reference_id":"CVE-2020-24613","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24613"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942900?format=json","purl":"pkg:deb/debian/wolfssl@4.5.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.5.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2020-24613"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4sc5-xnae-93ff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54399?format=json","vulnerability_id":"VCID-56vb-qqan-6fcd","summary":"security update","references":[{"reference_url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698","reference_id":"","reference_type":"","scores":[],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6496.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6496.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6496","reference_id":"","reference_type":"","scores":[{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65758","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65671","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.6572","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65751","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65717","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.6577","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65781","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65802","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65788","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559"},{"reference_url":"http://secunia.com/advisories/61579","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61579"},{"reference_url":"http://secunia.com/advisories/62073","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62073"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201411-02.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201411-02.xml"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"},{"reference_url":"http://www.securityfocus.com/bid/70469","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/70469"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153486","reference_id":"1153486","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153486"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-6496","reference_id":"CVE-2014-6496","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-6496"},{"reference_url":"https://security.gentoo.org/glsa/201411-02","reference_id":"GLSA-201411-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-02"},{"reference_url":"https://usn.ubuntu.com/2384-1/","reference_id":"USN-2384-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2384-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942888?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2014-6496"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-56vb-qqan-6fcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92597?format=json","vulnerability_id":"VCID-5wuh-hgt7-4qcj","summary":"wolfssl before 3.2.0 has a server certificate that is not properly authorized for server authentication.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2904","reference_id":"","reference_type":"","scores":[{"value":"0.00228","scoring_system":"epss","scoring_elements":"0.45606","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00228","scoring_system":"epss","scoring_elements":"0.45598","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00228","scoring_system":"epss","scoring_elements":"0.45504","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00228","scoring_system":"epss","scoring_elements":"0.45579","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00228","scoring_system":"epss","scoring_elements":"0.45602","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00228","scoring_system":"epss","scoring_elements":"0.4555","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00228","scoring_system":"epss","scoring_elements":"0.45605","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00228","scoring_system":"epss","scoring_elements":"0.45628","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2904"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792646","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792646"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2904"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2014-2904","reference_id":"","reference_type":"","scores":[],"url":"https://security-tracker.debian.org/tracker/CVE-2014-2904"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/04/18/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/04/18/2"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-2904","reference_id":"CVE-2014-2904","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-2904"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942884?format=json","purl":"pkg:deb/debian/wolfssl@3.4.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.4.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2014-2904"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5wuh-hgt7-4qcj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10915?format=json","vulnerability_id":"VCID-6qxw-5u8d-sfhq","summary":"Information Exposure Through Discrepancy\nIn wolfSSL, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-24116","reference_id":"","reference_type":"","scores":[{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48391","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48426","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48448","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48401","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48456","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.4845","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48473","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48447","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.4846","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-24116"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24116"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991663","reference_id":"991663","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991663"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-24116","reference_id":"CVE-2021-24116","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-24116"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942901?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2021-24116"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6qxw-5u8d-sfhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94120?format=json","vulnerability_id":"VCID-6u9d-p6rs-mke3","summary":"In wolfSSL before 4.3.0, wc_ecc_mulmod_ex does not properly resist side-channel attacks.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19960","reference_id":"","reference_type":"","scores":[{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57786","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.5787","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.5789","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57865","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.5792","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57921","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57938","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57915","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57895","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19960"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942898?format=json","purl":"pkg:deb/debian/wolfssl@4.3.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.3.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2019-19960"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6u9d-p6rs-mke3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267334?format=json","vulnerability_id":"VCID-73c6-zn7h-6ude","summary":"In wolfSSL release 5.8.2 blinding support is turned on by default for Curve25519 in applicable builds. The blinding configure option is only for the base C implementation of Curve25519. It is not needed, or available with; ARM assembly builds, Intel assembly builds, and the small Curve25519 feature. While the side-channel attack on extracting a private key would be very difficult to execute in practice, enabling blinding provides an additional layer of protection for devices that may be more susceptible to physical access or side-channel observation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7396","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08294","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11165","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11188","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11239","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11053","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11132","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11197","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11529","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7396"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-582-july-17-2025","reference_id":"ChangeLog.md#wolfssl-release-582-july-17-2025","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:P/AC:H/AT:P/PR:L/UI:A/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-21T15:04:36Z/"}],"url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-582-july-17-2025"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942888?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2025-7396"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-73c6-zn7h-6ude"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93511?format=json","vulnerability_id":"VCID-7cuc-6hd9-bych","summary":"wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12436","reference_id":"","reference_type":"","scores":[{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34056","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34079","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33819","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34157","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.3419","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.3405","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34092","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34124","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34122","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12436"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12436","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12436"},{"reference_url":"https://github.com/wolfSSL/wolfssl/commit/9b9568d500f31f964af26ba8d01e542e1f27e5ca","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/commit/9b9568d500f31f964af26ba8d01e542e1f27e5ca"},{"reference_url":"https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/","reference_id":"","reference_type":"","scores":[],"url":"https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/"},{"reference_url":"https://www.wolfssl.com/wolfssh-and-rohnp/","reference_id":"","reference_type":"","scores":[],"url":"https://www.wolfssl.com/wolfssh-and-rohnp/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901627","reference_id":"901627","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901627"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12436","reference_id":"CVE-2018-12436","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:P/I:N/A:N"},{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12436"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942893?format=json","purl":"pkg:deb/debian/wolfssl@3.15.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.15.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2018-12436"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7cuc-6hd9-bych"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94121?format=json","vulnerability_id":"VCID-7ybv-yjyv-cucz","summary":"wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in RSA cryptography.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19962","reference_id":"","reference_type":"","scores":[{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.4002","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40169","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40195","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40119","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40172","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40184","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40158","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40138","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19962"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942898?format=json","purl":"pkg:deb/debian/wolfssl@4.3.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.3.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2019-19962"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7ybv-yjyv-cucz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81541?format=json","vulnerability_id":"VCID-8krv-jqjg-uqc8","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7440.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7440.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7440","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23554","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23711","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23754","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23535","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23606","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23651","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23667","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23625","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23568","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7440"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3492","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3492"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5584","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5584"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7440","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7440"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8283"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:N/C:C/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1386584","reference_id":"1386584","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1386584"},{"reference_url":"https://usn.ubuntu.com/3109-1/","reference_id":"USN-3109-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3109-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942889?format=json","purl":"pkg:deb/debian/wolfssl@3.9.10%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.9.10%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2016-7440"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8krv-jqjg-uqc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94765?format=json","vulnerability_id":"VCID-915b-q9gv-zugt","summary":"DoTls13CertificateVerify in tls13.c in wolfSSL before 4.7.0 does not cease processing for certain anomalous peer behavior (sending an ED22519, ED448, ECC, or RSA signature without the corresponding certificate). The client side is affected because man-in-the-middle attackers can impersonate TLS 1.3 servers.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3336","reference_id":"","reference_type":"","scores":[{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39832","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39883","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39849","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39884","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39805","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.3986","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39874","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43535","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43474","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3336"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3336","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3336"},{"reference_url":"https://www.wolfssl.com/docs/security-vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"https://www.wolfssl.com/docs/security-vulnerabilities"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3336","reference_id":"CVE-2021-3336","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3336"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942902?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2021-3336"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-915b-q9gv-zugt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92960?format=json","vulnerability_id":"VCID-9bqq-cr1k-2fhq","summary":"The C software implementation of ECC in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7438","reference_id":"","reference_type":"","scores":[{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32286","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32438","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32472","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32297","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32345","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32374","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32376","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32338","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32311","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7438"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942889?format=json","purl":"pkg:deb/debian/wolfssl@3.9.10%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.9.10%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2016-7438"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9bqq-cr1k-2fhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13053?format=json","vulnerability_id":"VCID-av4q-73pk-tucd","summary":"Improper Authentication\nIn wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual authentication. A client can simply omit the `certificate_verify` message from the handshake, and never present a certificate.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25640","reference_id":"","reference_type":"","scores":[{"value":"0.05102","scoring_system":"epss","scoring_elements":"0.89792","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05102","scoring_system":"epss","scoring_elements":"0.89807","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05102","scoring_system":"epss","scoring_elements":"0.8981","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05102","scoring_system":"epss","scoring_elements":"0.89827","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05102","scoring_system":"epss","scoring_elements":"0.89833","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05102","scoring_system":"epss","scoring_elements":"0.8984","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05102","scoring_system":"epss","scoring_elements":"0.89838","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05102","scoring_system":"epss","scoring_elements":"0.89831","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25640"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25640","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25640"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/4831","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/pull/4831"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25640","reference_id":"CVE-2022-25640","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25640"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942904?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942906?format=json","purl":"pkg:deb/debian/wolfssl@5.2.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.2.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2022-25640"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-av4q-73pk-tucd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92757?format=json","vulnerability_id":"VCID-cd24-z82g-fuhm","summary":"wolfSSL (formerly CyaSSL) before 3.6.8 allows remote attackers to cause a denial of service (resource consumption or traffic amplification) via a crafted DTLS cookie in a ClientHello message.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-6925","reference_id":"","reference_type":"","scores":[{"value":"0.00895","scoring_system":"epss","scoring_elements":"0.75602","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00895","scoring_system":"epss","scoring_elements":"0.75609","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00895","scoring_system":"epss","scoring_elements":"0.75545","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00895","scoring_system":"epss","scoring_elements":"0.75548","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00895","scoring_system":"epss","scoring_elements":"0.75578","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00895","scoring_system":"epss","scoring_elements":"0.75558","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00895","scoring_system":"epss","scoring_elements":"0.75592","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00895","scoring_system":"epss","scoring_elements":"0.75603","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00895","scoring_system":"epss","scoring_elements":"0.75627","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-6925"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6925","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6925"},{"reference_url":"https://github.com/IAIK/wolfSSL-DoS","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/IAIK/wolfSSL-DoS"},{"reference_url":"https://wolfssl.com/wolfSSL/Blog/Entries/2015/9/17_Two_Vulnerabilities_Recently_Found%2C_An_Attack_on_RSA_using_CRT_and_DoS_Vulnerability_With_DTLS.html","reference_id":"","reference_type":"","scores":[],"url":"https://wolfssl.com/wolfSSL/Blog/Entries/2015/9/17_Two_Vulnerabilities_Recently_Found%2C_An_Attack_on_RSA_using_CRT_and_DoS_Vulnerability_With_DTLS.html"},{"reference_url":"http://wolfssl.com/wolfSSL/Docs-wolfssl-changelog.html","reference_id":"","reference_type":"","scores":[],"url":"http://wolfssl.com/wolfSSL/Docs-wolfssl-changelog.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801120","reference_id":"801120","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801120"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-6925","reference_id":"CVE-2015-6925","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-6925"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942889?format=json","purl":"pkg:deb/debian/wolfssl@3.9.10%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.9.10%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2015-6925"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cd24-z82g-fuhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94009?format=json","vulnerability_id":"VCID-dnrg-xpru-6qc8","summary":"wolfSSL and wolfCrypt 4.1.0 and earlier (formerly known as CyaSSL) generate biased DSA nonces. This allows a remote attacker to compute the long term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bits of the generated nonces.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14317","reference_id":"","reference_type":"","scores":[{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60059","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60137","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60162","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60132","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60182","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60196","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60217","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60204","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60186","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14317"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942895?format=json","purl":"pkg:deb/debian/wolfssl@4.2.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.2.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2019-14317"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dnrg-xpru-6qc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54395?format=json","vulnerability_id":"VCID-dusy-ap5e-kyea","summary":"security update","references":[{"reference_url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698","reference_id":"","reference_type":"","scores":[],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6494.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6494.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6494","reference_id":"","reference_type":"","scores":[{"value":"0.01023","scoring_system":"epss","scoring_elements":"0.7725","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01023","scoring_system":"epss","scoring_elements":"0.77189","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01023","scoring_system":"epss","scoring_elements":"0.77196","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01023","scoring_system":"epss","scoring_elements":"0.77225","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01023","scoring_system":"epss","scoring_elements":"0.77206","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01023","scoring_system":"epss","scoring_elements":"0.77238","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01023","scoring_system":"epss","scoring_elements":"0.77246","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01023","scoring_system":"epss","scoring_elements":"0.77273","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01023","scoring_system":"epss","scoring_elements":"0.77253","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559"},{"reference_url":"http://secunia.com/advisories/61579","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61579"},{"reference_url":"http://secunia.com/advisories/62073","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62073"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201411-02.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201411-02.xml"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"},{"reference_url":"http://www.securityfocus.com/bid/70497","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/70497"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153484","reference_id":"1153484","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153484"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-6494","reference_id":"CVE-2014-6494","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-6494"},{"reference_url":"https://security.gentoo.org/glsa/201411-02","reference_id":"GLSA-201411-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-02"},{"reference_url":"https://usn.ubuntu.com/2384-1/","reference_id":"USN-2384-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2384-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942888?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2014-6494"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dusy-ap5e-kyea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94094?format=json","vulnerability_id":"VCID-dwyw-64yp-vygf","summary":"In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity checks of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer overflow inside the DecodedCert structure in GetName in wolfcrypt/src/asn.c because the domain name location index is mishandled. Because a pointer is overwritten, there is an invalid free.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18840","reference_id":"","reference_type":"","scores":[{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.6139","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61423","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61409","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61262","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61342","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.6137","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.6134","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61387","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61402","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18840"},{"reference_url":"https://github.com/wolfSSL/wolfssl/issues/2555","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/issues/2555"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18840","reference_id":"CVE-2019-18840","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18840"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942897?format=json","purl":"pkg:deb/debian/wolfssl@4.2.0%2Bdfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.2.0%252Bdfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2019-18840"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dwyw-64yp-vygf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54390?format=json","vulnerability_id":"VCID-f72k-wxht-zka6","summary":"security update","references":[{"reference_url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698","reference_id":"","reference_type":"","scores":[],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6478.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6478.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6478","reference_id":"","reference_type":"","scores":[{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.65854","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.65768","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.65818","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.65848","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.65813","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.65866","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.65877","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.65896","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.65883","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"},{"reference_url":"http://www.securityfocus.com/bid/70489","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/70489"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153466","reference_id":"1153466","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153466"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-6478","reference_id":"CVE-2014-6478","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-6478"},{"reference_url":"https://usn.ubuntu.com/2384-1/","reference_id":"USN-2384-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2384-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942888?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2014-6478"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f72k-wxht-zka6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93204?format=json","vulnerability_id":"VCID-fczc-rsag-5bdq","summary":"A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL through 3.10.2 resulting in potential certificate validation vulnerabilities, denial of service and possible remote code execution. In order to trigger this vulnerability, the attacker needs to supply a malicious x509 certificate to either a server or a client application using this library.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-2800","reference_id":"","reference_type":"","scores":[{"value":"0.08887","scoring_system":"epss","scoring_elements":"0.92525","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08887","scoring_system":"epss","scoring_elements":"0.92531","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08887","scoring_system":"epss","scoring_elements":"0.92538","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08887","scoring_system":"epss","scoring_elements":"0.9254","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08887","scoring_system":"epss","scoring_elements":"0.92551","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08887","scoring_system":"epss","scoring_elements":"0.92556","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08887","scoring_system":"epss","scoring_elements":"0.92562","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08887","scoring_system":"epss","scoring_elements":"0.92563","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2800"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862154","reference_id":"862154","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862154"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41984.txt","reference_id":"CVE-2017-2800","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41984.txt"},{"reference_url":"http://www.talosintelligence.com/reports/TALOS-2017-0293/","reference_id":"CVE-2017-2800","reference_type":"exploit","scores":[],"url":"http://www.talosintelligence.com/reports/TALOS-2017-0293/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942891?format=json","purl":"pkg:deb/debian/wolfssl@3.12.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.12.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2017-2800"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fczc-rsag-5bdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94333?format=json","vulnerability_id":"VCID-fqx3-he5r-ekhp","summary":"wolfSSL 4.3.0 has mulmod code in wc_ecc_mulmod_ex in ecc.c that does not properly resist timing side-channel attacks.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11713","reference_id":"","reference_type":"","scores":[{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60291","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.6031","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60167","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60244","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.6027","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60238","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60288","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60303","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60323","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11713"},{"reference_url":"https://gist.github.com/pietroborrello/7c5be2d1dc15349c4ffc8671f0aad04f","reference_id":"","reference_type":"","scores":[],"url":"https://gist.github.com/pietroborrello/7c5be2d1dc15349c4ffc8671f0aad04f"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/2894/","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/pull/2894/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960190","reference_id":"960190","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960190"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:4.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wolfssl:wolfssl:4.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:4.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11713","reference_id":"CVE-2020-11713","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11713"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942899?format=json","purl":"pkg:deb/debian/wolfssl@4.4.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.4.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2020-11713"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fqx3-he5r-ekhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94069?format=json","vulnerability_id":"VCID-fzq1-jbg2-q3b4","summary":"In wolfSSL through 4.1.0, there is a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer over-read in CheckCertSignature_ex in wolfcrypt/src/asn.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16748","reference_id":"","reference_type":"","scores":[{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75731","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75738","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75674","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75677","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75708","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75688","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75722","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75733","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75756","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16748"},{"reference_url":"https://github.com/wolfSSL/wolfssl/issues/2459","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/issues/2459"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16748","reference_id":"CVE-2019-16748","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16748"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942895?format=json","purl":"pkg:deb/debian/wolfssl@4.2.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.2.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2019-16748"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fzq1-jbg2-q3b4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93345?format=json","vulnerability_id":"VCID-g272-dr17-7qbu","summary":"wolfSSL before 3.11.0 does not prevent wc_DhAgree from accepting a malformed DH key.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8855","reference_id":"","reference_type":"","scores":[{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55103","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55123","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.54958","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55061","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55086","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55062","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55111","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8855"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases/tag/v3.11.0-stable","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/releases/tag/v3.11.0-stable"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870170","reference_id":"870170","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870170"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-8855","reference_id":"CVE-2017-8855","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-8855"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942891?format=json","purl":"pkg:deb/debian/wolfssl@3.12.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.12.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2017-8855"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g272-dr17-7qbu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10943?format=json","vulnerability_id":"VCID-h2vp-p7fd-7bev","summary":"Improper Handling of Exceptional Conditions\nwolfSSL does not produce a failure outcome when the serial number in an OCSP request differs from the serial number in the OCSP response.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37155","reference_id":"","reference_type":"","scores":[{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66455","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66494","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.6652","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66492","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.6654","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66554","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66573","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66561","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66529","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37155"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37155","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37155"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991443","reference_id":"991443","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991443"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-37155","reference_id":"CVE-2021-37155","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-37155"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942904?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942903?format=json","purl":"pkg:deb/debian/wolfssl@5.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.0.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2021-37155"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h2vp-p7fd-7bev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18412?format=json","vulnerability_id":"VCID-hguq-mr6k-jqd3","summary":"Improper Certificate Validation\nIf a TLS 1.3 client gets neither a PSK (pre shared key) extension nor a KSE (key share extension) when connecting to a malicious server, a default predictable buffer gets used for the IKM (Input Keying Material) value when generating the session master secret. Using a potentially known IKM value when generating the session master secret key compromises the key generated, allowing an eavesdropper to reconstruct it and potentially allowing access to or meddling with message contents in the session. This issue does not affect client validation of connected servers, nor expose private key information, but could result in an insecure TLS 1.3 session when not controlling both sides of the connection. wolfSSL recommends that TLS 1.3 client side users update the version of wolfSSL used.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3724","reference_id":"","reference_type":"","scores":[{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.29064","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.29115","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28927","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28992","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.29035","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.33087","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.33149","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.3311","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3724"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3724","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3724"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/6412","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-29T15:53:34Z/"}],"url":"https://github.com/wolfSSL/wolfssl/pull/6412"},{"reference_url":"https://www.wolfssl.com/docs/security-vulnerabilities/","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-29T15:53:34Z/"}],"url":"https://www.wolfssl.com/docs/security-vulnerabilities/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041699","reference_id":"1041699","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041699"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3724","reference_id":"CVE-2023-3724","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942908?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942909?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2023-3724"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hguq-mr6k-jqd3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92596?format=json","vulnerability_id":"VCID-jcyf-gcxb-7ucj","summary":"CyaSSL does not check the key usage extension in leaf certificates, which allows remote attackers to spoof servers via a crafted server certificate not authorized for use in an SSL/TLS handshake.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2903","reference_id":"","reference_type":"","scores":[{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43859","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43875","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43839","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43883","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43906","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43837","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43887","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.4389","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43908","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2903"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2903","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2903"},{"reference_url":"http://secunia.com/advisories/62604","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62604"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/04/18/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/04/18/2"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-2903","reference_id":"CVE-2014-2903","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-2903"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942884?format=json","purl":"pkg:deb/debian/wolfssl@3.4.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.4.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2014-2903"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jcyf-gcxb-7ucj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94381?format=json","vulnerability_id":"VCID-k1q1-y9ne-wuh7","summary":"An issue was discovered in wolfSSL before 4.5.0, when single precision is not employed. Local attackers can conduct a cache-timing attack against public key operations. These attackers may already have obtained sensitive information if the affected system has been used for private key operations (e.g., signing with a private key).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15309","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28339","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.2841","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28452","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28244","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.2831","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28352","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28358","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28314","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28256","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15309"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969663","reference_id":"969663","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969663"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15309","reference_id":"CVE-2020-15309","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15309"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942900?format=json","purl":"pkg:deb/debian/wolfssl@4.5.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.5.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2020-15309"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k1q1-y9ne-wuh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/278147?format=json","vulnerability_id":"VCID-k32r-azxg-9yh3","summary":"An issue was discovered in wolfSSL before 5.5.0 (when --enable-session-ticket is used); however, only version 5.3.0 is exploitable. Man-in-the-middle attackers or a malicious server can crash TLS 1.2 clients during a handshake. If an attacker injects a large ticket (more than 256 bytes) into a NewSessionTicket message in a TLS 1.2 handshake, and the client has a non-empty session cache, the session cache frees a pointer that points to unallocated memory, causing the client to crash with a \"free(): invalid pointer\" message. NOTE: It is likely that this is also exploitable during TLS 1.3 handshakes between a client and a malicious server. With TLS 1.3, it is not possible to exploit this as a man-in-the-middle.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38153","reference_id":"","reference_type":"","scores":[{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68481","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.685","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68477","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68527","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68544","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68571","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68558","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38153"},{"reference_url":"https://github.com/trailofbits/tlspuffin","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/trailofbits/tlspuffin"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/5476","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/pull/5476"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/releases"},{"reference_url":"https://www.wolfssl.com/docs/security-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"https://www.wolfssl.com/docs/security-vulnerabilities/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021021","reference_id":"1021021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021021"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-38153","reference_id":"CVE-2022-38153","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-38153"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942888?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942907?format=json","purl":"pkg:deb/debian/wolfssl@5.5.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2022-38153"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k32r-azxg-9yh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93582?format=json","vulnerability_id":"VCID-k6pn-fcqq-q7hs","summary":"It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. This may lead to leakage of sensible data.","references":[{"reference_url":"http://cat.eyalro.net/","reference_id":"","reference_type":"","scores":[],"url":"http://cat.eyalro.net/"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16870","reference_id":"","reference_type":"","scores":[{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40432","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40452","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40369","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40457","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40483","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40405","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40456","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40468","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40488","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16870"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16870","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16870"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/1950","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/pull/1950"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918952","reference_id":"918952","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918952"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16870","reference_id":"CVE-2018-16870","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16870"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942894?format=json","purl":"pkg:deb/debian/wolfssl@4.1.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.1.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2018-16870"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k6pn-fcqq-q7hs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95250?format=json","vulnerability_id":"VCID-kksg-tc63-23bm","summary":"In wolfSSL before 5.5.1, malicious clients can cause a buffer overflow during a TLS 1.3 handshake. This occurs when an attacker supposedly resumes a previous TLS session. During the resumption Client Hello a Hello Retry Request must be triggered. Both Client Hellos are required to contain a list of duplicate cipher suites to trigger the buffer overflow. In total, two Client Hellos have to be sent: one in the resumed session, and a second one as a response to a Hello Retry Request message.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39173","reference_id":"","reference_type":"","scores":[{"value":"0.01374","scoring_system":"epss","scoring_elements":"0.80194","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01374","scoring_system":"epss","scoring_elements":"0.80214","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01374","scoring_system":"epss","scoring_elements":"0.80203","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01374","scoring_system":"epss","scoring_elements":"0.80232","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01374","scoring_system":"epss","scoring_elements":"0.80242","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01374","scoring_system":"epss","scoring_elements":"0.8026","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01374","scoring_system":"epss","scoring_elements":"0.80245","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01374","scoring_system":"epss","scoring_elements":"0.80239","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39173"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39173","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39173"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:43:15Z/"}],"url":"https://github.com/wolfSSL/wolfssl/releases"},{"reference_url":"https://www.wolfssl.com/docs/security-vulnerabilities/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:43:15Z/"}],"url":"https://www.wolfssl.com/docs/security-vulnerabilities/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021021","reference_id":"1021021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021021"},{"reference_url":"http://seclists.org/fulldisclosure/2022/Oct/24","reference_id":"24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:43:15Z/"}],"url":"http://seclists.org/fulldisclosure/2022/Oct/24"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-39173","reference_id":"CVE-2022-39173","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-39173"},{"reference_url":"http://packetstormsecurity.com/files/169600/wolfSSL-Buffer-Overflow.html","reference_id":"wolfSSL-Buffer-Overflow.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:43:15Z/"}],"url":"http://packetstormsecurity.com/files/169600/wolfSSL-Buffer-Overflow.html"},{"reference_url":"https://blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/","reference_id":"wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:43:15Z/"}],"url":"https://blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942907?format=json","purl":"pkg:deb/debian/wolfssl@5.5.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2022-39173"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kksg-tc63-23bm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92595?format=json","vulnerability_id":"VCID-ktqb-4xkh-jkc4","summary":"wolfssl before 3.2.0 does not properly authorize CA certificate for signing other certificates.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2902","reference_id":"","reference_type":"","scores":[{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44641","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.4464","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44564","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44644","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44665","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44601","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44653","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44655","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44671","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2902"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792646","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792646"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2902"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2014-2902","reference_id":"","reference_type":"","scores":[],"url":"https://security-tracker.debian.org/tracker/CVE-2014-2902"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/04/18/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/04/18/2"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-2902","reference_id":"CVE-2014-2902","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-2902"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942884?format=json","purl":"pkg:deb/debian/wolfssl@3.4.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.4.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2014-2902"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ktqb-4xkh-jkc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13043?format=json","vulnerability_id":"VCID-mtcu-yhz9-c7b8","summary":"Improper Certificate Validation\nIn wolfSSL before 5.2.0, certificate validation may be bypassed during attempted authentication by a TLS 1.3 client to a TLS 1.3 server. This occurs when the `sig_algo` field differs between the `certificate_verify` message and the certificate message.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25638","reference_id":"","reference_type":"","scores":[{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34947","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34973","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34853","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34898","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34927","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34931","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34894","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34871","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25638"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/4813","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/pull/4813"},{"reference_url":"https://www.wolfssl.com/docs/security-vulnerabilities/","reference_id":"","reference_type":"","scores":[],"url":"https://www.wolfssl.com/docs/security-vulnerabilities/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25638","reference_id":"CVE-2022-25638","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25638"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942904?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942906?format=json","purl":"pkg:deb/debian/wolfssl@5.2.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.2.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2022-25638"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mtcu-yhz9-c7b8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54397?format=json","vulnerability_id":"VCID-pq7n-tyq2-xucr","summary":"security update","references":[{"reference_url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698","reference_id":"","reference_type":"","scores":[],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6495.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6495.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6495","reference_id":"","reference_type":"","scores":[{"value":"0.00558","scoring_system":"epss","scoring_elements":"0.68222","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00558","scoring_system":"epss","scoring_elements":"0.68159","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00558","scoring_system":"epss","scoring_elements":"0.68182","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00558","scoring_system":"epss","scoring_elements":"0.68199","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00558","scoring_system":"epss","scoring_elements":"0.68177","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00558","scoring_system":"epss","scoring_elements":"0.68228","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00558","scoring_system":"epss","scoring_elements":"0.68243","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00558","scoring_system":"epss","scoring_elements":"0.68268","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00558","scoring_system":"epss","scoring_elements":"0.68255","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6495"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"},{"reference_url":"http://www.securityfocus.com/bid/70496","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/70496"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153485","reference_id":"1153485","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153485"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-6495","reference_id":"CVE-2014-6495","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-6495"},{"reference_url":"https://usn.ubuntu.com/2384-1/","reference_id":"USN-2384-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2384-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942888?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2014-6495"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pq7n-tyq2-xucr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93238?format=json","vulnerability_id":"VCID-pqgw-v173-6kgh","summary":"In versions of wolfSSL before 3.10.2 the function fp_mul_comba makes it easier to extract RSA key information for a malicious user who has access to view cache on a machine.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6076","reference_id":"","reference_type":"","scores":[{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36068","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36264","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36297","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36132","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36182","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.362","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36205","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36168","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36142","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6076"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6076","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6076"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856114","reference_id":"856114","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856114"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942892?format=json","purl":"pkg:deb/debian/wolfssl@3.10.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.10.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2017-6076"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pqgw-v173-6kgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94336?format=json","vulnerability_id":"VCID-ptst-vmw7-rbbs","summary":"The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular inverse when mapping to affine coordinates, aka a \"projective coordinates leak.\"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11735","reference_id":"","reference_type":"","scores":[{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57786","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.5787","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.5789","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57865","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.5792","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57921","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57938","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57915","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57895","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11735"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11735","reference_id":"CVE-2020-11735","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11735"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942899?format=json","purl":"pkg:deb/debian/wolfssl@4.4.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.4.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2020-11735"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ptst-vmw7-rbbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94122?format=json","vulnerability_id":"VCID-r73s-x7et-f7b1","summary":"An issue was discovered in wolfSSL before 4.3.0 in a non-default configuration where DSA is enabled. DSA signing uses the BEEA algorithm during modular inversion of the nonce, leading to a side-channel attack against the nonce.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19963","reference_id":"","reference_type":"","scores":[{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57786","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.5787","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.5789","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57865","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.5792","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57921","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57938","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57915","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57895","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19963"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19963","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19963"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942898?format=json","purl":"pkg:deb/debian/wolfssl@4.3.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.3.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2019-19963"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r73s-x7et-f7b1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54402?format=json","vulnerability_id":"VCID-rtzg-kdyv-kyfk","summary":"security update","references":[{"reference_url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698","reference_id":"","reference_type":"","scores":[],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6500.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6500.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6500","reference_id":"","reference_type":"","scores":[{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84618","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.8454","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84555","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84577","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.8458","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84602","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84608","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84628","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84623","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559"},{"reference_url":"http://secunia.com/advisories/61579","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61579"},{"reference_url":"http://secunia.com/advisories/62073","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62073"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201411-02.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201411-02.xml"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"},{"reference_url":"http://www.securityfocus.com/bid/70478","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/70478"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153487","reference_id":"1153487","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1153487"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-6500","reference_id":"CVE-2014-6500","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-6500"},{"reference_url":"https://security.gentoo.org/glsa/201411-02","reference_id":"GLSA-201411-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-02"},{"reference_url":"https://usn.ubuntu.com/2384-1/","reference_id":"USN-2384-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2384-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942888?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2014-6500"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rtzg-kdyv-kyfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93344?format=json","vulnerability_id":"VCID-s7rc-gze6-eqa6","summary":"wolfSSL before 3.10.2 has an out-of-bounds memory access with loading crafted DH parameters, aka a buffer overflow triggered by a malformed temporary DH file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8854","reference_id":"","reference_type":"","scores":[{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50048","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50052","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.49998","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50036","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50065","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50015","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50069","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50062","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.5008","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8854"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases/tag/v3.10.2-stable","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/releases/tag/v3.10.2-stable"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-8854","reference_id":"CVE-2017-8854","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-8854"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942892?format=json","purl":"pkg:deb/debian/wolfssl@3.10.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.10.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2017-8854"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s7rc-gze6-eqa6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92594?format=json","vulnerability_id":"VCID-ta4b-he3j-jya7","summary":"wolfssl before 3.2.0 does not properly issue certificates for a server's hostname.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2901","reference_id":"","reference_type":"","scores":[{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32508","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32536","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32496","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.3264","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32675","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32497","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32545","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32571","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32572","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2901"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2014-2901","reference_id":"","reference_type":"","scores":[],"url":"https://security-tracker.debian.org/tracker/CVE-2014-2901"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/04/18/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/04/18/2"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-2901","reference_id":"CVE-2014-2901","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-2901"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942884?format=json","purl":"pkg:deb/debian/wolfssl@3.4.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.4.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2014-2901"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ta4b-he3j-jya7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94203?format=json","vulnerability_id":"VCID-u1xz-kt5a-ybbv","summary":"examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL through 3.15.7 has a heap-based buffer overflow.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6439","reference_id":"","reference_type":"","scores":[{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78424","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78431","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78371","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78377","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78408","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78391","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78418","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78423","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78449","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6439"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6439","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6439"},{"reference_url":"https://github.com/wolfSSL/wolfssl/issues/2032","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/issues/2032"},{"reference_url":"http://www.securityfocus.com/bid/106640","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106640"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6439","reference_id":"CVE-2019-6439","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6439"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942894?format=json","purl":"pkg:deb/debian/wolfssl@4.1.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.1.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2019-6439"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u1xz-kt5a-ybbv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94582?format=json","vulnerability_id":"VCID-u8tr-grjg-j7hr","summary":"RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36177","reference_id":"","reference_type":"","scores":[{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72428","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72433","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72451","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72466","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72479","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72502","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72484","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72474","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36177"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979534","reference_id":"979534","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979534"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-36177","reference_id":"CVE-2020-36177","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-36177"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942901?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2020-36177"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u8tr-grjg-j7hr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95279?format=json","vulnerability_id":"VCID-ubye-e3yx-pfbb","summary":"In wolfSSL before 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS 1.3 client or network attacker can trigger a buffer over-read on the heap of 5 bytes. (WOLFSSL_CALLBACKS is only intended for debugging.)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42905","reference_id":"","reference_type":"","scores":[{"value":"0.06142","scoring_system":"epss","scoring_elements":"0.90819","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06142","scoring_system":"epss","scoring_elements":"0.90784","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06142","scoring_system":"epss","scoring_elements":"0.90794","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06142","scoring_system":"epss","scoring_elements":"0.90805","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06142","scoring_system":"epss","scoring_elements":"0.90812","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06142","scoring_system":"epss","scoring_elements":"0.9082","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06142","scoring_system":"epss","scoring_elements":"0.90773","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42905"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42905"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:39:33Z/"}],"url":"https://github.com/wolfSSL/wolfssl/releases"},{"reference_url":"https://www.wolfssl.com/docs/security-vulnerabilities/","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:39:33Z/"}],"url":"https://www.wolfssl.com/docs/security-vulnerabilities/"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jan/11","reference_id":"11","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:39:33Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jan/11"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42905","reference_id":"CVE-2022-42905","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42905"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.2-stable","reference_id":"v5.5.2-stable","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:39:33Z/"}],"url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.2-stable"},{"reference_url":"https://blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/","reference_id":"wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:39:33Z/"}],"url":"https://blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/"},{"reference_url":"http://packetstormsecurity.com/files/170610/wolfSSL-WOLFSSL_CALLBACKS-Heap-Buffer-Over-Read.html","reference_id":"wolfSSL-WOLFSSL_CALLBACKS-Heap-Buffer-Over-Read.html","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:39:33Z/"}],"url":"http://packetstormsecurity.com/files/170610/wolfSSL-WOLFSSL_CALLBACKS-Heap-Buffer-Over-Read.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942907?format=json","purl":"pkg:deb/debian/wolfssl@5.5.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2022-42905"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ubye-e3yx-pfbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85923?format=json","vulnerability_id":"VCID-v5gp-x49d-bbcg","summary":"wolfSSL: insufficient hardening of RSA-CRT implementation (Oracle MySQL CPU Jan 2016)","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7744.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7744.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7744","reference_id":"","reference_type":"","scores":[{"value":"0.02676","scoring_system":"epss","scoring_elements":"0.8583","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02676","scoring_system":"epss","scoring_elements":"0.85837","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02676","scoring_system":"epss","scoring_elements":"0.85834","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02676","scoring_system":"epss","scoring_elements":"0.85756","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02676","scoring_system":"epss","scoring_elements":"0.85769","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02676","scoring_system":"epss","scoring_elements":"0.85787","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02676","scoring_system":"epss","scoring_elements":"0.85793","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02676","scoring_system":"epss","scoring_elements":"0.85812","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02676","scoring_system":"epss","scoring_elements":"0.85822","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7744"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf","reference_id":"","reference_type":"","scores":[],"url":"https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf"},{"reference_url":"https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/","reference_id":"","reference_type":"","scores":[],"url":"https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/"},{"reference_url":"https://wolfssl.com/wolfSSL/Blog/Entries/2015/9/17_Two_Vulnerabilities_Recently_Found%2C_An_Attack_on_RSA_using_CRT_and_DoS_Vulnerability_With_DTLS.html","reference_id":"","reference_type":"","scores":[],"url":"https://wolfssl.com/wolfSSL/Blog/Entries/2015/9/17_Two_Vulnerabilities_Recently_Found%2C_An_Attack_on_RSA_using_CRT_and_DoS_Vulnerability_With_DTLS.html"},{"reference_url":"http://wolfssl.com/wolfSSL/Docs-wolfssl-changelog.html","reference_id":"","reference_type":"","scores":[],"url":"http://wolfssl.com/wolfSSL/Docs-wolfssl-changelog.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"},{"reference_url":"http://www.securitytracker.com/id/1034708","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034708"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301488","reference_id":"1301488","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301488"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7744","reference_id":"CVE-2015-7744","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:N"},{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7744"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942889?format=json","purl":"pkg:deb/debian/wolfssl@3.9.10%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.9.10%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2015-7744"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v5gp-x49d-bbcg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93922?format=json","vulnerability_id":"VCID-vj57-tszp-ruaf","summary":"wolfSSL 4.0.0 has a Buffer Overflow in DoPreSharedKeys in tls13.c when a current identity size is greater than a client identity size. An attacker sends a crafted hello client packet over the network to a TLSv1.3 wolfSSL server. The length fields of the packet: record length, client hello length, total extensions length, PSK extension length, total identity length, and identity length contain their maximum value which is 2^16. The identity data field of the PSK extension of the packet contains the attack data, to be stored in the undefined memory (RAM) of the server. The size of the data is about 65 kB. Possibly the attacker can perform a remote code execution attack.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11873","reference_id":"","reference_type":"","scores":[{"value":"0.07108","scoring_system":"epss","scoring_elements":"0.91491","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07108","scoring_system":"epss","scoring_elements":"0.91498","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07108","scoring_system":"epss","scoring_elements":"0.91504","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07108","scoring_system":"epss","scoring_elements":"0.91512","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07108","scoring_system":"epss","scoring_elements":"0.91524","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07108","scoring_system":"epss","scoring_elements":"0.91531","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07108","scoring_system":"epss","scoring_elements":"0.91535","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07108","scoring_system":"epss","scoring_elements":"0.91537","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11873"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929468","reference_id":"929468","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929468"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942894?format=json","purl":"pkg:deb/debian/wolfssl@4.1.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.1.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2019-11873"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vj57-tszp-ruaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93107?format=json","vulnerability_id":"VCID-w49t-kp2a-efh3","summary":"wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as \"ROBOT.\"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13099","reference_id":"","reference_type":"","scores":[{"value":"0.78457","scoring_system":"epss","scoring_elements":"0.99024","published_at":"2026-04-01T12:55:00Z"},{"value":"0.78457","scoring_system":"epss","scoring_elements":"0.99025","published_at":"2026-04-02T12:55:00Z"},{"value":"0.78457","scoring_system":"epss","scoring_elements":"0.99028","published_at":"2026-04-04T12:55:00Z"},{"value":"0.78457","scoring_system":"epss","scoring_elements":"0.9903","published_at":"2026-04-07T12:55:00Z"},{"value":"0.78457","scoring_system":"epss","scoring_elements":"0.99031","published_at":"2026-04-08T12:55:00Z"},{"value":"0.78457","scoring_system":"epss","scoring_elements":"0.99032","published_at":"2026-04-09T12:55:00Z"},{"value":"0.78457","scoring_system":"epss","scoring_elements":"0.99033","published_at":"2026-04-11T12:55:00Z"},{"value":"0.78709","scoring_system":"epss","scoring_elements":"0.99047","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13099"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13099","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13099"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884235","reference_id":"884235","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884235"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942890?format=json","purl":"pkg:deb/debian/wolfssl@3.13.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.13.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2017-13099"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w49t-kp2a-efh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95280?format=json","vulnerability_id":"VCID-x4tg-m9be-2yfe","summary":"An issue was discovered in wolfSSL before 5.5.0. A fault injection attack on RAM via Rowhammer leads to ECDSA key disclosure. Users performing signing operations with private ECC keys, such as in server-side TLS connections, might leak faulty ECC signatures. These signatures can be processed via an advanced technique for ECDSA key recovery. (In 5.5.0 and later, WOLFSSL_CHECK_SIG_FAULTS can be used to address the vulnerability.)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42961","reference_id":"","reference_type":"","scores":[{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50516","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50543","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50498","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50553","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.5055","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52055","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52038","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52072","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42961"},{"reference_url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.0-stable","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-14T14:43:21Z/"}],"url":"https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.0-stable"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023574","reference_id":"1023574","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023574"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42961","reference_id":"CVE-2022-42961","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42961"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942907?format=json","purl":"pkg:deb/debian/wolfssl@5.5.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2022-42961"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x4tg-m9be-2yfe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40098?format=json","vulnerability_id":"VCID-xap5-djda-2uem","summary":"Multiple vulnerabilities have been found in Oracle JRE/JDK,\n    allowing both local and remote attackers to compromise various Java\n    components.","references":[{"reference_url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc"},{"reference_url":"http://advisories.mageia.org/MGASA-2014-0416.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0416.html"},{"reference_url":"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc","reference_id":"","reference_type":"","scores":[],"url":"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc"},{"reference_url":"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html","reference_id":"","reference_type":"","scores":[],"url":"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"},{"reference_url":"http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html","reference_id":"","reference_type":"","scores":[],"url":"http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"},{"reference_url":"http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566","reference_id":"","reference_type":"","scores":[],"url":"http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566"},{"reference_url":"http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html","reference_id":"","reference_type":"","scores":[],"url":"http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html"},{"reference_url":"http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/","reference_id":"","reference_type":"","scores":[],"url":"http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/"},{"reference_url":"http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx","reference_id":"","reference_type":"","scores":[],"url":"http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx"},{"reference_url":"http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf","reference_id":"","reference_type":"","scores":[],"url":"http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf"},{"reference_url":"http://downloads.asterisk.org/pub/security/AST-2014-011.html","reference_id":"","reference_type":"","scores":[],"url":"http://downloads.asterisk.org/pub/security/AST-2014-011.html"},{"reference_url":"http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html","reference_id":"","reference_type":"","scores":[],"url":"http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html"},{"reference_url":"http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581","reference_id":"","reference_type":"","scores":[],"url":"http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"},{"reference_url":"http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034","reference_id":"","reference_type":"","scores":[],"url":"http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034"},{"reference_url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705","reference_id":"","reference_type":"","scores":[],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=141450452204552&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141450452204552&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141450973807288&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141450973807288&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141477196830952&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141477196830952&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141576815022399&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141576815022399&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141577087123040&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141577087123040&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141577350823734&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141577350823734&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141620103726640&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141620103726640&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141628688425177&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141628688425177&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141694355519663&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141694355519663&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141697638231025&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141697638231025&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141697676231104&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141697676231104&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141703183219781&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141703183219781&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141715130023061&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141715130023061&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141775427104070&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141775427104070&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141813976718456&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141813976718456&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141814011518700&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141814011518700&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141879378918327&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141879378918327&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142103967620673&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142103967620673&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142118135300698&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142118135300698&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142296755107581&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142296755107581&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142350196615714&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142350196615714&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142350298616097&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142350298616097&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142350743917559&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142350743917559&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142354438527235&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142354438527235&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142357976805598&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142357976805598&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142495837901899&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142495837901899&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142496355704097&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142496355704097&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142546741516006&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142546741516006&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142607790919348&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142607790919348&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624590206005&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142624590206005&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624619906067","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142624619906067"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624619906067&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142624619906067&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624679706236&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142624679706236&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624719706349&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142624719706349&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142660345230545&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142660345230545&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142721830231196&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142721830231196&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142721887231400&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142721887231400&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142740155824959&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142740155824959&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142791032306609&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142791032306609&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142804214608580&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142804214608580&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142805027510172&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142805027510172&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142962817202793&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142962817202793&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143039249603103&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143039249603103&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143101048219218&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143101048219218&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143290371927178&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143290371927178&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143290437727362&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143290437727362&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143290522027658&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143290522027658&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143290583027876&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143290583027876&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143558137709884&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143558137709884&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143558192010071&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143558192010071&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143628269912142&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143628269912142&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144101915224472&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144101915224472&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144251162130364&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144251162130364&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144294141001552&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144294141001552&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=145983526810210&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=145983526810210&w=2"},{"reference_url":"http://marc.info/?l=openssl-dev&m=141333049205629&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=openssl-dev&m=141333049205629&w=2"},{"reference_url":"http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html","reference_id":"","reference_type":"","scores":[],"url":"http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1652.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1652.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1653.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1653.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1692.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1692.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1876.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1876.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1877.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1877.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1880.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1880.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1881.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1881.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1882.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1882.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1920.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1920.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1948.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1948.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0068.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0068.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0079.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0079.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0080.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0080.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0085.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0085.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0086.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0086.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0264.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0264.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1545.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-1545.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1546.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-1546.html"},{"reference_url":"https://access.redhat.com/articles/1232123","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/articles/1232123"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3566.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3566.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3566","reference_id":"","reference_type":"","scores":[{"value":"0.94015","scoring_system":"epss","scoring_elements":"0.99894","published_at":"2026-04-02T12:55:00Z"},{"value":"0.94015","scoring_system":"epss","scoring_elements":"0.99895","published_at":"2026-04-11T12:55:00Z"},{"value":"0.94015","scoring_system":"epss","scoring_elements":"0.99896","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3566"},{"reference_url":"https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/","reference_id":"","reference_type":"","scores":[],"url":"https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/"},{"reference_url":"https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6"},{"reference_url":"https://bto.bluecoat.com/security-advisory/sa83","reference_id":"","reference_type":"","scores":[],"url":"https://bto.bluecoat.com/security-advisory/sa83"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1076983","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1076983"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1590","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1590"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1592","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1592"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1594","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1594"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412"},{"reference_url":"https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip","reference_id":"","reference_type":"","scores":[],"url":"https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip"},{"reference_url":"http://secunia.com/advisories/59627","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/59627"},{"reference_url":"http://secunia.com/advisories/60056","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60056"},{"reference_url":"http://secunia.com/advisories/60206","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60206"},{"reference_url":"http://secunia.com/advisories/60792","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60792"},{"reference_url":"http://secunia.com/advisories/60859","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60859"},{"reference_url":"http://secunia.com/advisories/61019","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61019"},{"reference_url":"http://secunia.com/advisories/61130","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61130"},{"reference_url":"http://secunia.com/advisories/61303","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61303"},{"reference_url":"http://secunia.com/advisories/61316","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61316"},{"reference_url":"http://secunia.com/advisories/61345","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61345"},{"reference_url":"http://secunia.com/advisories/61359","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61359"},{"reference_url":"http://secunia.com/advisories/61782","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61782"},{"reference_url":"http://secunia.com/advisories/61810","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61810"},{"reference_url":"http://secunia.com/advisories/61819","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61819"},{"reference_url":"http://secunia.com/advisories/61825","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61825"},{"reference_url":"http://secunia.com/advisories/61827","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61827"},{"reference_url":"http://secunia.com/advisories/61926","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61926"},{"reference_url":"http://secunia.com/advisories/61995","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61995"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mpgn/poodle-PoC","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpgn/poodle-PoC"},{"reference_url":"https://groups.google.com/forum/#%21topic/docker-user/oYm0i3xShJU","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#%21topic/docker-user/oYm0i3xShJU"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"},{"reference_url":"https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02","reference_id":"","reference_type":"","scores":[],"url":"https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10090","reference_id":"","reference_type":"","scores":[],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10090"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10091","reference_id":"","reference_type":"","scores":[],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10091"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10104","reference_id":"","reference_type":"","scores":[],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10104"},{"reference_url":"https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://puppet.com/security/cve/poodle-sslv3-vulnerability","reference_id":"","reference_type":"","scores":[],"url":"https://puppet.com/security/cve/poodle-sslv3-vulnerability"},{"reference_url":"https://security.netapp.com/advisory/ntap-20141015-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20141015-0001/"},{"reference_url":"https://support.apple.com/HT205217","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT205217"},{"reference_url":"https://support.apple.com/kb/HT6527","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT6527"},{"reference_url":"https://support.apple.com/kb/HT6529","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT6529"},{"reference_url":"https://support.apple.com/kb/HT6531","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT6531"},{"reference_url":"https://support.apple.com/kb/HT6535","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT6535"},{"reference_url":"https://support.apple.com/kb/HT6536","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT6536"},{"reference_url":"https://support.apple.com/kb/HT6541","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT6541"},{"reference_url":"https://support.apple.com/kb/HT6542","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT6542"},{"reference_url":"https://support.citrix.com/article/CTX216642","reference_id":"","reference_type":"","scores":[],"url":"https://support.citrix.com/article/CTX216642"},{"reference_url":"https://support.lenovo.com/product_security/poodle","reference_id":"","reference_type":"","scores":[],"url":"https://support.lenovo.com/product_security/poodle"},{"reference_url":"https://support.lenovo.com/us/en/product_security/poodle","reference_id":"","reference_type":"","scores":[],"url":"https://support.lenovo.com/us/en/product_security/poodle"},{"reference_url":"https://technet.microsoft.com/library/security/3009008.aspx","reference_id":"","reference_type":"","scores":[],"url":"https://technet.microsoft.com/library/security/3009008.aspx"},{"reference_url":"https://templatelab.com/ssl-poodle/","reference_id":"","reference_type":"","scores":[],"url":"https://templatelab.com/ssl-poodle/"},{"reference_url":"http://support.apple.com/HT204244","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/HT204244"},{"reference_url":"http://support.citrix.com/article/CTX200238","reference_id":"","reference_type":"","scores":[],"url":"http://support.citrix.com/article/CTX200238"},{"reference_url":"https://www-01.ibm.com/support/docview.wss?uid=swg21688165","reference_id":"","reference_type":"","scores":[],"url":"https://www-01.ibm.com/support/docview.wss?uid=swg21688165"},{"reference_url":"https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7","reference_id":"","reference_type":"","scores":[],"url":"https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7"},{"reference_url":"https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html"},{"reference_url":"https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html"},{"reference_url":"https://www.elastic.co/blog/logstash-1-4-3-released","reference_id":"","reference_type":"","scores":[],"url":"https://www.elastic.co/blog/logstash-1-4-3-released"},{"reference_url":"https://www.imperialviolet.org/2014/10/14/poodle.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.imperialviolet.org/2014/10/14/poodle.html"},{"reference_url":"https://www.openssl.org/~bodo/ssl-poodle.pdf","reference_id":"","reference_type":"","scores":[],"url":"https://www.openssl.org/~bodo/ssl-poodle.pdf"},{"reference_url":"https://www.openssl.org/news/secadv_20141015.txt","reference_id":"","reference_type":"","scores":[],"url":"https://www.openssl.org/news/secadv_20141015.txt"},{"reference_url":"https://www.suse.com/support/kb/doc.php?id=7015773","reference_id":"","reference_type":"","scores":[],"url":"https://www.suse.com/support/kb/doc.php?id=7015773"},{"reference_url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle","reference_id":"","reference_type":"","scores":[],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21686997","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21686997"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21687172","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21687172"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21687611","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21687611"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21688283","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21688283"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21692299","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21692299"},{"reference_url":"http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm","reference_id":"","reference_type":"","scores":[],"url":"http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm"},{"reference_url":"http://www.debian.org/security/2014/dsa-3053","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2014/dsa-3053"},{"reference_url":"http://www.debian.org/security/2015/dsa-3144","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2015/dsa-3144"},{"reference_url":"http://www.debian.org/security/2015/dsa-3147","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2015/dsa-3147"},{"reference_url":"http://www.debian.org/security/2015/dsa-3253","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2015/dsa-3253"},{"reference_url":"http://www.debian.org/security/2016/dsa-3489","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3489"},{"reference_url":"http://www.kb.cert.org/vuls/id/577193","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/577193"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:203","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:203"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:062","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"},{"reference_url":"http://www.securityfocus.com/archive/1/533724/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/533724/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/533746","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/533746"},{"reference_url":"http://www.securityfocus.com/archive/1/533747","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/533747"},{"reference_url":"http://www.securityfocus.com/bid/70574","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/70574"},{"reference_url":"http://www.securitytracker.com/id/1031029","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031029"},{"reference_url":"http://www.securitytracker.com/id/1031039","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031039"},{"reference_url":"http://www.securitytracker.com/id/1031085","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031085"},{"reference_url":"http://www.securitytracker.com/id/1031086","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031086"},{"reference_url":"http://www.securitytracker.com/id/1031087","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031087"},{"reference_url":"http://www.securitytracker.com/id/1031088","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031088"},{"reference_url":"http://www.securitytracker.com/id/1031089","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031089"},{"reference_url":"http://www.securitytracker.com/id/1031090","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031090"},{"reference_url":"http://www.securitytracker.com/id/1031091","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031091"},{"reference_url":"http://www.securitytracker.com/id/1031092","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031092"},{"reference_url":"http://www.securitytracker.com/id/1031093","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031093"},{"reference_url":"http://www.securitytracker.com/id/1031094","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031094"},{"reference_url":"http://www.securitytracker.com/id/1031095","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031095"},{"reference_url":"http://www.securitytracker.com/id/1031096","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031096"},{"reference_url":"http://www.securitytracker.com/id/1031105","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031105"},{"reference_url":"http://www.securitytracker.com/id/1031106","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031106"},{"reference_url":"http://www.securitytracker.com/id/1031107","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031107"},{"reference_url":"http://www.securitytracker.com/id/1031120","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031120"},{"reference_url":"http://www.securitytracker.com/id/1031123","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031123"},{"reference_url":"http://www.securitytracker.com/id/1031124","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031124"},{"reference_url":"http://www.securitytracker.com/id/1031130","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031130"},{"reference_url":"http://www.securitytracker.com/id/1031131","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031131"},{"reference_url":"http://www.securitytracker.com/id/1031132","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031132"},{"reference_url":"http://www.ubuntu.com/usn/USN-2486-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2486-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2487-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2487-1"},{"reference_url":"http://www.us-cert.gov/ncas/alerts/TA14-290A","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/ncas/alerts/TA14-290A"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2015-0003.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.vmware.com/security/advisories/VMSA-2015-0003.html"},{"reference_url":"http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0","reference_id":"","reference_type":"","scores":[],"url":"http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1152789","reference_id":"1152789","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1152789"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765539","reference_id":"765539","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765539"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765702","reference_id":"765702","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765702"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768164","reference_id":"768164","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768164"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769904","reference_id":"769904","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769904"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771359","reference_id":"771359","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771359"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.0.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.1.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.1.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8z:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8z:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8z:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8za:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8za:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8za:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8zb:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8zb:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8zb:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database:11.2.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:database:11.2.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database:11.2.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:5.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:5.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:5.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:5.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:5.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:5.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0:beta:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.0:beta:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0:beta:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_desktop:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_desktop:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_supplementary:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_supplementary:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_supplementary:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3566","reference_id":"CVE-2014-3566","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3566"},{"reference_url":"https://security.gentoo.org/glsa/201411-10","reference_id":"GLSA-201411-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-10"},{"reference_url":"https://security.gentoo.org/glsa/201507-14","reference_id":"GLSA-201507-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201507-14"},{"reference_url":"https://security.gentoo.org/glsa/201606-11","reference_id":"GLSA-201606-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201606-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1876","reference_id":"RHSA-2014:1876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1876"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1877","reference_id":"RHSA-2014:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1880","reference_id":"RHSA-2014:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1881","reference_id":"RHSA-2014:1881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1882","reference_id":"RHSA-2014:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1920","reference_id":"RHSA-2014:1920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0010","reference_id":"RHSA-2015:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0011","reference_id":"RHSA-2015:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0012","reference_id":"RHSA-2015:0012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0067","reference_id":"RHSA-2015:0067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0068","reference_id":"RHSA-2015:0068","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0068"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0069","reference_id":"RHSA-2015:0069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0079","reference_id":"RHSA-2015:0079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0080","reference_id":"RHSA-2015:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0085","reference_id":"RHSA-2015:0085","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0085"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0086","reference_id":"RHSA-2015:0086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0264","reference_id":"RHSA-2015:0264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1545","reference_id":"RHSA-2015:1545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1546","reference_id":"RHSA-2015:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1546"},{"reference_url":"https://usn.ubuntu.com/2486-1/","reference_id":"USN-2486-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2486-1/"},{"reference_url":"https://usn.ubuntu.com/2487-1/","reference_id":"USN-2487-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2487-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942884?format=json","purl":"pkg:deb/debian/wolfssl@3.4.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.4.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2014-3566"],"risk_score":7.8,"exploitability":"2.0","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xap5-djda-2uem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94345?format=json","vulnerability_id":"VCID-y7jq-khf1-97gj","summary":"An issue was discovered in wolfSSL before 4.5.0. It mishandles the change_cipher_spec (CCS) message processing logic for TLS 1.3. If an attacker sends ChangeCipherSpec messages in a crafted way involving more than one in a row, the server becomes stuck in the ProcessReply() loop, i.e., a denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12457","reference_id":"","reference_type":"","scores":[{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64398","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64452","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64483","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64441","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.6449","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64506","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64521","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.6451","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64481","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12457"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12457","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12457"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969663","reference_id":"969663","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969663"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-12457","reference_id":"CVE-2020-12457","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-12457"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942900?format=json","purl":"pkg:deb/debian/wolfssl@4.5.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.5.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2020-12457"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y7jq-khf1-97gj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12219?format=json","vulnerability_id":"VCID-ykdv-43ha-muhg","summary":"Use of Insufficiently Random Values\nwolfSSL uses non-random IV values in certain situations. This affects connections (without AEAD) using AES-CBC or DES3 with TLS or DTLS This occurs because of misplaced memory initialization in BuildMessage in internal.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23408","reference_id":"","reference_type":"","scores":[{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51567","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51593","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51554","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51608","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51604","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51654","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51633","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51616","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23408"},{"reference_url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-511-jan-3rd-2022","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-511-jan-3rd-2022"},{"reference_url":"https://github.com/wolfSSL/wolfssl/pull/4710","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/wolfSSL/wolfssl/pull/4710"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004181","reference_id":"1004181","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004181"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23408","reference_id":"CVE-2022-23408","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23408"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942888?format=json","purl":"pkg:deb/debian/wolfssl@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942905?format=json","purl":"pkg:deb/debian/wolfssl@5.1.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.1.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2022-23408"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ykdv-43ha-muhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11027?format=json","vulnerability_id":"VCID-yyy6-k4y2-s3ep","summary":"Insufficient Verification of Data Authenticity\nwolfSSL incorrectly skips OCSP verification in certain situations of irrelevant response data that contains the NoCheck extension.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38597","reference_id":"","reference_type":"","scores":[{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39884","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40032","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40059","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39979","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40033","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40047","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40057","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.4002","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.4","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38597"},{"reference_url":"https://www.wolfssl.com/docs/wolfssl-changelog/","reference_id":"","reference_type":"","scores":[],"url":"https://www.wolfssl.com/docs/wolfssl-changelog/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992174","reference_id":"992174","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992174"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-38597","reference_id":"CVE-2021-38597","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-38597"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942904?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942903?format=json","purl":"pkg:deb/debian/wolfssl@5.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.0.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2021-38597"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yyy6-k4y2-s3ep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92961?format=json","vulnerability_id":"VCID-zfyg-ffzg-myd7","summary":"The C software implementation of RSA in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7439","reference_id":"","reference_type":"","scores":[{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32286","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32438","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32472","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32297","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32345","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32374","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32376","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32338","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32311","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7439"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7439","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7439"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942889?format=json","purl":"pkg:deb/debian/wolfssl@3.9.10%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@3.9.10%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942885?format=json","purl":"pkg:deb/debian/wolfssl@4.6.0%2Bp1-0%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6n4g-us9a-53g4"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cum2-vp1j-syfc"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f4gq-hqcp-dqe2"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942883?format=json","purl":"pkg:deb/debian/wolfssl@5.5.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u3q-52yd-1bhe"},{"vulnerability":"VCID-24s5-d6jt-4kfe"},{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-47nm-nte5-27fm"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-7xbp-qkvv-bqgm"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9hdy-aqa2-w3bd"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-dpu2-4w42-kygw"},{"vulnerability":"VCID-euma-vgqx-sbau"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-su8x-6n42-n3d5"},{"vulnerability":"VCID-u24a-2khf-uyba"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xfgd-4hs3-vygk"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"},{"vulnerability":"VCID-zhf4-y8v8-gubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.5.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942887?format=json","purl":"pkg:deb/debian/wolfssl@5.7.2-0.1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ry7-trrg-gfdk"},{"vulnerability":"VCID-4zda-zrq6-hbc8"},{"vulnerability":"VCID-6v8z-cfax-zqbh"},{"vulnerability":"VCID-8735-ectc-j7a3"},{"vulnerability":"VCID-9jpj-dfsf-qkce"},{"vulnerability":"VCID-9jw2-3v9v-ruap"},{"vulnerability":"VCID-9kev-ferz-5bhr"},{"vulnerability":"VCID-9x14-2t7m-1kbm"},{"vulnerability":"VCID-cxhw-3w24-dkes"},{"vulnerability":"VCID-f57c-kamk-3bct"},{"vulnerability":"VCID-fmtp-x6y7-83g1"},{"vulnerability":"VCID-gcfd-w8je-kqfm"},{"vulnerability":"VCID-gdur-h588-vbb6"},{"vulnerability":"VCID-gmdj-a1ys-tqc2"},{"vulnerability":"VCID-h6na-nxxq-5yg9"},{"vulnerability":"VCID-hk8r-kk4v-1fa7"},{"vulnerability":"VCID-jxf4-y1au-5bhw"},{"vulnerability":"VCID-khur-3ax7-9fhb"},{"vulnerability":"VCID-n64w-nq6a-m7bv"},{"vulnerability":"VCID-njbj-f91t-b7f4"},{"vulnerability":"VCID-uvht-9bt9-hfbb"},{"vulnerability":"VCID-v3m6-zajw-bfhb"},{"vulnerability":"VCID-xuyn-pjpb-g7du"},{"vulnerability":"VCID-xxkx-w5pc-5uap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.7.2-0.1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942886?format=json","purl":"pkg:deb/debian/wolfssl@5.9.0-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@5.9.0-0.2%3Fdistro=trixie"}],"aliases":["CVE-2016-7439"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zfyg-ffzg-myd7"}],"risk_score":"3.8","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wolfssl@4.6.0%252Bp1-0%252Bdeb11u2%3Fdistro=trixie"}