Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/wolfssl@5.5.0-r0?arch=ppc64le&distroversion=v3.18&reponame=community
Typeapk
Namespacealpine
Namewolfssl
Version5.5.0-r0
Qualifiers
arch ppc64le
distroversion v3.18
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version5.5.1-r0
Latest_non_vulnerable_version5.6.2-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-6n4g-us9a-53g4
vulnerability_id VCID-6n4g-us9a-53g4
summary An issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client connects to a wolfSSL server and SSL_clear is called on its session, the server crashes with a segmentation fault. This occurs in the second session, which is created through TLS session resumption and reuses the initial struct WOLFSSL. If the server reuses the previous session structure (struct WOLFSSL) by calling wolfSSL_clear(WOLFSSL* ssl) on it, the next received Client Hello (that resumes the previous session) crashes the server. Note that this bug is only triggered when resuming sessions using TLS session resumption. Only servers that use wolfSSL_clear instead of the recommended SSL_free; SSL_new sequence are affected. Furthermore, wolfSSL_clear is part of wolfSSL's compatibility layer and is not enabled by default. It is not part of wolfSSL's native API.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-38152
reference_id
reference_type
scores
0
value 0.02711
scoring_system epss
scoring_elements 0.85849
published_at 2026-04-02T12:55:00Z
1
value 0.02711
scoring_system epss
scoring_elements 0.85867
published_at 2026-04-04T12:55:00Z
2
value 0.02711
scoring_system epss
scoring_elements 0.85871
published_at 2026-04-07T12:55:00Z
3
value 0.02711
scoring_system epss
scoring_elements 0.85889
published_at 2026-04-08T12:55:00Z
4
value 0.02711
scoring_system epss
scoring_elements 0.85899
published_at 2026-04-09T12:55:00Z
5
value 0.02711
scoring_system epss
scoring_elements 0.85914
published_at 2026-04-11T12:55:00Z
6
value 0.02711
scoring_system epss
scoring_elements 0.85911
published_at 2026-04-12T12:55:00Z
7
value 0.02711
scoring_system epss
scoring_elements 0.85906
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-38152
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38152
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38152
2
reference_url https://github.com/tlspuffin/tlspuffin
reference_id
reference_type
scores
url https://github.com/tlspuffin/tlspuffin
3
reference_url https://github.com/wolfSSL/wolfssl/pull/5468
reference_id
reference_type
scores
url https://github.com/wolfSSL/wolfssl/pull/5468
4
reference_url https://github.com/wolfSSL/wolfssl/releases
reference_id
reference_type
scores
url https://github.com/wolfSSL/wolfssl/releases
5
reference_url https://www.wolfssl.com/docs/security-vulnerabilities/
reference_id
reference_type
scores
url https://www.wolfssl.com/docs/security-vulnerabilities/
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021021
reference_id 1021021
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021021
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-38152
reference_id CVE-2022-38152
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-38152
fixed_packages
0
url pkg:apk/alpine/wolfssl@5.5.0-r0?arch=ppc64le&distroversion=v3.18&reponame=community
purl pkg:apk/alpine/wolfssl@5.5.0-r0?arch=ppc64le&distroversion=v3.18&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wolfssl@5.5.0-r0%3Farch=ppc64le&distroversion=v3.18&reponame=community
aliases CVE-2022-38152
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6n4g-us9a-53g4
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/wolfssl@5.5.0-r0%3Farch=ppc64le&distroversion=v3.18&reponame=community