{"url":"http://public2.vulnerablecode.io/api/packages/994513?format=json","purl":"pkg:deb/debian/openssl@4.0.0~alpha1-1","type":"deb","namespace":"debian","name":"openssl","version":"4.0.0~alpha1-1","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267365?format=json","vulnerability_id":"VCID-74wu-sup9-cybb","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28386.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28386.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28386","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05044","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.0506","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15772","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15809","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20625","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28386"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://openssl-library.org/news/secadv/20260407.txt","reference_id":"20260407.txt","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:15:21Z/"}],"url":"https://openssl-library.org/news/secadv/20260407.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451099","reference_id":"2451099","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451099"},{"reference_url":"https://github.com/openssl/openssl/commit/61f428a2fc6671ede184a19f71e6e495f0689621","reference_id":"61f428a2fc6671ede184a19f71e6e495f0689621","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:15:21Z/"}],"url":"https://github.com/openssl/openssl/commit/61f428a2fc6671ede184a19f71e6e495f0689621"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1062954?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1"},{"url":"http://public2.vulnerablecode.io/api/packages/994513?format=json","purl":"pkg:deb/debian/openssl@4.0.0~alpha1-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@4.0.0~alpha1-1"}],"aliases":["CVE-2026-28386"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-74wu-sup9-cybb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64280?format=json","vulnerability_id":"VCID-7f9q-mhsr-8bfq","summary":"openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2673.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2673.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2673","reference_id":"","reference_type":"","scores":[{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13801","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13672","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13857","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13657","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.1374","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.1379","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13759","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13722","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2673"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130650","reference_id":"1130650","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130650"},{"reference_url":"https://openssl-library.org/news/secadv/20260313.txt","reference_id":"20260313.txt","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:17:17Z/"}],"url":"https://openssl-library.org/news/secadv/20260313.txt"},{"reference_url":"https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f","reference_id":"2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:17:17Z/"}],"url":"https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447327","reference_id":"2447327","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447327"},{"reference_url":"https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34","reference_id":"85977e013f32ceb96aa034c0e741adddc1a05e34","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:17:17Z/"}],"url":"https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34"},{"reference_url":"https://usn.ubuntu.com/8155-1/","reference_id":"USN-8155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8155-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059928?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1~deb13u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u2"},{"url":"http://public2.vulnerablecode.io/api/packages/994511?format=json","purl":"pkg:deb/debian/openssl@3.5.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1062954?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1"},{"url":"http://public2.vulnerablecode.io/api/packages/994513?format=json","purl":"pkg:deb/debian/openssl@4.0.0~alpha1-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@4.0.0~alpha1-1"}],"aliases":["CVE-2026-2673"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7f9q-mhsr-8bfq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267371?format=json","vulnerability_id":"VCID-87vs-4p6w-xbgq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31789.json","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31789.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-31789","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01203","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01206","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0157","published_at":"2026-04-13T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00889","published_at":"2026-04-11T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00883","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-31789"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31789"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://openssl-library.org/news/secadv/20260407.txt","reference_id":"20260407.txt","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/"}],"url":"https://openssl-library.org/news/secadv/20260407.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451095","reference_id":"2451095","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451095"},{"reference_url":"https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde","reference_id":"364f095b80601db632b0def6a33316967f863bde","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/"}],"url":"https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde"},{"reference_url":"https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf","reference_id":"7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/"}],"url":"https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf"},{"reference_url":"https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49","reference_id":"945b935ac66cc7f1a41f1b849c7c25adb5351f49","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/"}],"url":"https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49"},{"reference_url":"https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9","reference_id":"a24216018e1ede8ff01a4ff5afff7dfbd443e2f9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/"}],"url":"https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9"},{"reference_url":"https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521","reference_id":"a91e537d16d74050dbde50bb0dfb1fe9930f0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:05Z/"}],"url":"https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521"},{"reference_url":"https://usn.ubuntu.com/8155-1/","reference_id":"USN-8155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8155-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1052135?format=json","purl":"pkg:deb/debian/openssl@3.0.14-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1062954?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1"},{"url":"http://public2.vulnerablecode.io/api/packages/994513?format=json","purl":"pkg:deb/debian/openssl@4.0.0~alpha1-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@4.0.0~alpha1-1"}],"aliases":["CVE-2026-31789"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-87vs-4p6w-xbgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267372?format=json","vulnerability_id":"VCID-cef8-2p5t-bff7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31790.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31790.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-31790","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01498","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04587","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04603","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0568","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06358","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-31790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31790"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac","reference_id":"001e01db3e996e13ffc72386fe79d03a6683b5ac","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/"}],"url":"https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac"},{"reference_url":"https://openssl-library.org/news/secadv/20260407.txt","reference_id":"20260407.txt","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/"}],"url":"https://openssl-library.org/news/secadv/20260407.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451094","reference_id":"2451094","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451094"},{"reference_url":"https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482","reference_id":"abd8b2eec7e3f3fda60ecfb68498b246b52af482","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/"}],"url":"https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482"},{"reference_url":"https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406","reference_id":"b922e24e5b23ffb9cb9e14cadff23d91e9f7e406","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/"}],"url":"https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406"},{"reference_url":"https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790","reference_id":"d5f8e71cd0a54e961d0c3b174348f8308486f790","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/"}],"url":"https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790"},{"reference_url":"https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e","reference_id":"eed200f58cd8645ed77e46b7e9f764e284df379e","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:32:04Z/"}],"url":"https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e"},{"reference_url":"https://usn.ubuntu.com/8155-1/","reference_id":"USN-8155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8155-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1052135?format=json","purl":"pkg:deb/debian/openssl@3.0.14-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1062954?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1"},{"url":"http://public2.vulnerablecode.io/api/packages/994513?format=json","purl":"pkg:deb/debian/openssl@4.0.0~alpha1-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@4.0.0~alpha1-1"}],"aliases":["CVE-2026-31790"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cef8-2p5t-bff7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267366?format=json","vulnerability_id":"VCID-f2na-rtsu-ffad","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28387.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28387","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04327","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04313","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05464","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05485","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05579","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28387"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/openssl/openssl/commit/07e727d304746edb49a98ee8f6ab00256e1f012b","reference_id":"07e727d304746edb49a98ee8f6ab00256e1f012b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/"}],"url":"https://github.com/openssl/openssl/commit/07e727d304746edb49a98ee8f6ab00256e1f012b"},{"reference_url":"https://openssl-library.org/news/secadv/20260407.txt","reference_id":"20260407.txt","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/"}],"url":"https://openssl-library.org/news/secadv/20260407.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451098","reference_id":"2451098","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451098"},{"reference_url":"https://github.com/openssl/openssl/commit/258a8f63b26995ba357f4326da00e19e29c6acbe","reference_id":"258a8f63b26995ba357f4326da00e19e29c6acbe","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/"}],"url":"https://github.com/openssl/openssl/commit/258a8f63b26995ba357f4326da00e19e29c6acbe"},{"reference_url":"https://github.com/openssl/openssl/commit/444958deaf450aea819171f97ae69eaedede42c3","reference_id":"444958deaf450aea819171f97ae69eaedede42c3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/"}],"url":"https://github.com/openssl/openssl/commit/444958deaf450aea819171f97ae69eaedede42c3"},{"reference_url":"https://github.com/openssl/openssl/commit/7a4e08cee62a728d32e60b0de89e6764339df0a7","reference_id":"7a4e08cee62a728d32e60b0de89e6764339df0a7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/"}],"url":"https://github.com/openssl/openssl/commit/7a4e08cee62a728d32e60b0de89e6764339df0a7"},{"reference_url":"https://github.com/openssl/openssl/commit/ec03fa050b3346997ed9c5fef3d0e16ad7db8177","reference_id":"ec03fa050b3346997ed9c5fef3d0e16ad7db8177","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:56:07Z/"}],"url":"https://github.com/openssl/openssl/commit/ec03fa050b3346997ed9c5fef3d0e16ad7db8177"},{"reference_url":"https://usn.ubuntu.com/8155-1/","reference_id":"USN-8155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8155-1/"},{"reference_url":"https://usn.ubuntu.com/8155-2/","reference_id":"USN-8155-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8155-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1052135?format=json","purl":"pkg:deb/debian/openssl@3.0.14-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1062954?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1"},{"url":"http://public2.vulnerablecode.io/api/packages/994513?format=json","purl":"pkg:deb/debian/openssl@4.0.0~alpha1-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@4.0.0~alpha1-1"}],"aliases":["CVE-2026-28387"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f2na-rtsu-ffad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350480?format=json","vulnerability_id":"VCID-hgvf-vxhr-cye8","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28388.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28388.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28388","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01419","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01418","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06151","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06156","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08551","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28388"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28388","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28388"},{"reference_url":"https://openssl-library.org/news/secadv/20260407.txt","reference_id":"20260407.txt","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/"}],"url":"https://openssl-library.org/news/secadv/20260407.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451097","reference_id":"2451097","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451097"},{"reference_url":"https://github.com/openssl/openssl/commit/59c3b3158553ab53275bbbccca5cb305d591cf2e","reference_id":"59c3b3158553ab53275bbbccca5cb305d591cf2e","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/"}],"url":"https://github.com/openssl/openssl/commit/59c3b3158553ab53275bbbccca5cb305d591cf2e"},{"reference_url":"https://github.com/openssl/openssl/commit/5a0b4930779cd2408880979db765db919da55139","reference_id":"5a0b4930779cd2408880979db765db919da55139","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/"}],"url":"https://github.com/openssl/openssl/commit/5a0b4930779cd2408880979db765db919da55139"},{"reference_url":"https://github.com/openssl/openssl/commit/602542f2c0c2d5edb47128f93eac10b62aeeefb3","reference_id":"602542f2c0c2d5edb47128f93eac10b62aeeefb3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/"}],"url":"https://github.com/openssl/openssl/commit/602542f2c0c2d5edb47128f93eac10b62aeeefb3"},{"reference_url":"https://github.com/openssl/openssl/commit/a9d187dd1000130100fa7ab915f8513532cb3bb8","reference_id":"a9d187dd1000130100fa7ab915f8513532cb3bb8","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/"}],"url":"https://github.com/openssl/openssl/commit/a9d187dd1000130100fa7ab915f8513532cb3bb8"},{"reference_url":"https://github.com/openssl/openssl/commit/d3a901e8d9f021f3e67d6cfbc12e768129862726","reference_id":"d3a901e8d9f021f3e67d6cfbc12e768129862726","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:18:04Z/"}],"url":"https://github.com/openssl/openssl/commit/d3a901e8d9f021f3e67d6cfbc12e768129862726"},{"reference_url":"https://usn.ubuntu.com/8155-1/","reference_id":"USN-8155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8155-1/"},{"reference_url":"https://usn.ubuntu.com/8155-2/","reference_id":"USN-8155-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8155-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1052135?format=json","purl":"pkg:deb/debian/openssl@3.0.14-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1062954?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1"},{"url":"http://public2.vulnerablecode.io/api/packages/994513?format=json","purl":"pkg:deb/debian/openssl@4.0.0~alpha1-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@4.0.0~alpha1-1"}],"aliases":["CVE-2026-28388"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hgvf-vxhr-cye8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350481?format=json","vulnerability_id":"VCID-wuwm-ksb1-6qd5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28390.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28390.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28390","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08405","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08422","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15107","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15145","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18229","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28390"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc","reference_id":"01194a8f1941115cd0383bfa91c736dd3993c8bc","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/"}],"url":"https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc"},{"reference_url":"https://openssl-library.org/news/secadv/20260407.txt","reference_id":"20260407.txt","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/"}],"url":"https://openssl-library.org/news/secadv/20260407.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456314","reference_id":"2456314","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456314"},{"reference_url":"https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6","reference_id":"2e39b7a6993be445fddb9fbce316fa756e0397b6","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/"}],"url":"https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6"},{"reference_url":"https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4","reference_id":"af2a5fecd3e71a29e7568f9c1453dec5cebbaff4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/"}],"url":"https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4"},{"reference_url":"https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788","reference_id":"ea7b4ea4f9f853521ba34830cbcadc970d2e0788","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/"}],"url":"https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788"},{"reference_url":"https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75","reference_id":"fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:24:15Z/"}],"url":"https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75"},{"reference_url":"https://usn.ubuntu.com/8155-1/","reference_id":"USN-8155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8155-1/"},{"reference_url":"https://usn.ubuntu.com/8155-2/","reference_id":"USN-8155-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8155-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1052135?format=json","purl":"pkg:deb/debian/openssl@3.0.14-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1062954?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1"},{"url":"http://public2.vulnerablecode.io/api/packages/994513?format=json","purl":"pkg:deb/debian/openssl@4.0.0~alpha1-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@4.0.0~alpha1-1"}],"aliases":["CVE-2026-28390"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wuwm-ksb1-6qd5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267367?format=json","vulnerability_id":"VCID-zkc9-huk8-27bc","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28389.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28389.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28389","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08405","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08422","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15107","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15145","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18229","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28389"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28389","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28389"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/openssl/openssl/commit/16cea4188e0ea567deb4f93f85902247e67384f5","reference_id":"16cea4188e0ea567deb4f93f85902247e67384f5","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/"}],"url":"https://github.com/openssl/openssl/commit/16cea4188e0ea567deb4f93f85902247e67384f5"},{"reference_url":"https://openssl-library.org/news/secadv/20260407.txt","reference_id":"20260407.txt","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/"}],"url":"https://openssl-library.org/news/secadv/20260407.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451096","reference_id":"2451096","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451096"},{"reference_url":"https://github.com/openssl/openssl/commit/785cbf7ea3b5a6f5adf0c1ccb92b79d89c35c616","reference_id":"785cbf7ea3b5a6f5adf0c1ccb92b79d89c35c616","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/"}],"url":"https://github.com/openssl/openssl/commit/785cbf7ea3b5a6f5adf0c1ccb92b79d89c35c616"},{"reference_url":"https://github.com/openssl/openssl/commit/7b5274e812400cacb6f3be4c2df5340923fa807f","reference_id":"7b5274e812400cacb6f3be4c2df5340923fa807f","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/"}],"url":"https://github.com/openssl/openssl/commit/7b5274e812400cacb6f3be4c2df5340923fa807f"},{"reference_url":"https://github.com/openssl/openssl/commit/c6725634e089eb2b634b10ede33944be7248172a","reference_id":"c6725634e089eb2b634b10ede33944be7248172a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/"}],"url":"https://github.com/openssl/openssl/commit/c6725634e089eb2b634b10ede33944be7248172a"},{"reference_url":"https://github.com/openssl/openssl/commit/f80f83bc5fd036bc47d773e8b15a001e2b4ce686","reference_id":"f80f83bc5fd036bc47d773e8b15a001e2b4ce686","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:20:14Z/"}],"url":"https://github.com/openssl/openssl/commit/f80f83bc5fd036bc47d773e8b15a001e2b4ce686"},{"reference_url":"https://usn.ubuntu.com/8155-1/","reference_id":"USN-8155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8155-1/"},{"reference_url":"https://usn.ubuntu.com/8155-2/","reference_id":"USN-8155-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8155-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1052135?format=json","purl":"pkg:deb/debian/openssl@3.0.14-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.14-1~deb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1062954?format=json","purl":"pkg:deb/debian/openssl@3.6.2-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1"},{"url":"http://public2.vulnerablecode.io/api/packages/994513?format=json","purl":"pkg:deb/debian/openssl@4.0.0~alpha1-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@4.0.0~alpha1-1"}],"aliases":["CVE-2026-28389"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zkc9-huk8-27bc"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@4.0.0~alpha1-1"}