{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66614?format=json","vulnerability_id":"VCID-q6mc-q5jc-7qaq","summary":"The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS #1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's private key (this is a variation of the Bleichenbacher attack).","aliases":[{"alias":"CVE-2017-1000385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5770?format=json","purl":"pkg:deb/debian/erlang@1:17.3-dfsg-4%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cn7-ggkr-hqaq"},{"vulnerability":"VCID-1hcf-thw4-z3d2"},{"vulnerability":"VCID-1jj9-3wt9-8yc6"},{"vulnerability":"VCID-2wmc-yahz-pbcj"},{"vulnerability":"VCID-38u7-pvx6-ayb4"},{"vulnerability":"VCID-85tq-6shy-hqbz"},{"vulnerability":"VCID-92ms-9s91-1ff3"},{"vulnerability":"VCID-d3yq-zqjy-yfh1"},{"vulnerability":"VCID-e4ws-u5nw-vbhx"},{"vulnerability":"VCID-jhx8-w919-akbp"},{"vulnerability":"VCID-ps6d-uqp1-hbe9"},{"vulnerability":"VCID-q6mc-q5jc-7qaq"},{"vulnerability":"VCID-ravv-qx9m-kucw"},{"vulnerability":"VCID-rnmu-ks1d-dbh4"},{"vulnerability":"VCID-uusk-yhkq-2uew"},{"vulnerability":"VCID-ws9d-hzqg-suhp"},{"vulnerability":"VCID-xj5e-tw9x-v3be"},{"vulnerability":"VCID-xsdb-g1sd-7kdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:17.3-dfsg-4%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5773?format=json","purl":"pkg:deb/debian/erlang@1:19.2.1%2Bdfsg-2%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cn7-ggkr-hqaq"},{"vulnerability":"VCID-1hcf-thw4-z3d2"},{"vulnerability":"VCID-1jj9-3wt9-8yc6"},{"vulnerability":"VCID-2wmc-yahz-pbcj"},{"vulnerability":"VCID-38u7-pvx6-ayb4"},{"vulnerability":"VCID-85tq-6shy-hqbz"},{"vulnerability":"VCID-92ms-9s91-1ff3"},{"vulnerability":"VCID-d3yq-zqjy-yfh1"},{"vulnerability":"VCID-e4ws-u5nw-vbhx"},{"vulnerability":"VCID-jhx8-w919-akbp"},{"vulnerability":"VCID-ps6d-uqp1-hbe9"},{"vulnerability":"VCID-q6mc-q5jc-7qaq"},{"vulnerability":"VCID-ravv-qx9m-kucw"},{"vulnerability":"VCID-rnmu-ks1d-dbh4"},{"vulnerability":"VCID-uusk-yhkq-2uew"},{"vulnerability":"VCID-xj5e-tw9x-v3be"},{"vulnerability":"VCID-xsdb-g1sd-7kdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:19.2.1%252Bdfsg-2%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/93553?format=json","purl":"pkg:deb/debian/erlang@1:20.1.7%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:20.1.7%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/5774?format=json","purl":"pkg:deb/debian/erlang@1:21.2.6%2Bdfsg-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cn7-ggkr-hqaq"},{"vulnerability":"VCID-1hcf-thw4-z3d2"},{"vulnerability":"VCID-1jj9-3wt9-8yc6"},{"vulnerability":"VCID-2wmc-yahz-pbcj"},{"vulnerability":"VCID-38u7-pvx6-ayb4"},{"vulnerability":"VCID-92ms-9s91-1ff3"},{"vulnerability":"VCID-d3yq-zqjy-yfh1"},{"vulnerability":"VCID-e4ws-u5nw-vbhx"},{"vulnerability":"VCID-jhx8-w919-akbp"},{"vulnerability":"VCID-ps6d-uqp1-hbe9"},{"vulnerability":"VCID-ravv-qx9m-kucw"},{"vulnerability":"VCID-rnmu-ks1d-dbh4"},{"vulnerability":"VCID-uusk-yhkq-2uew"},{"vulnerability":"VCID-xj5e-tw9x-v3be"},{"vulnerability":"VCID-xsdb-g1sd-7kdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:21.2.6%252Bdfsg-1"},{"url":"http://public2.vulnerablecode.io/api/packages/93543?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2uh8-nhph-gfb6"},{"vulnerability":"VCID-883b-48uw-6yag"},{"vulnerability":"VCID-b3hg-mjga-nbg1"},{"vulnerability":"VCID-dazh-ypb5-akfp"},{"vulnerability":"VCID-dccw-cx8r-r7a1"},{"vulnerability":"VCID-ryy7-f45d-yyhv"},{"vulnerability":"VCID-wsby-unw4-zqe7"},{"vulnerability":"VCID-yyfx-f783-fqgk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/93541?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2uh8-nhph-gfb6"},{"vulnerability":"VCID-883b-48uw-6yag"},{"vulnerability":"VCID-b3hg-mjga-nbg1"},{"vulnerability":"VCID-dazh-ypb5-akfp"},{"vulnerability":"VCID-ryy7-f45d-yyhv"},{"vulnerability":"VCID-wsby-unw4-zqe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/93545?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2uh8-nhph-gfb6"},{"vulnerability":"VCID-883b-48uw-6yag"},{"vulnerability":"VCID-aqqx-g7d3-1yfy"},{"vulnerability":"VCID-dazh-ypb5-akfp"},{"vulnerability":"VCID-n6dc-39d1-83cr"},{"vulnerability":"VCID-ryy7-f45d-yyhv"},{"vulnerability":"VCID-wsby-unw4-zqe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/93544?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5762?format=json","purl":"pkg:deb/debian/erlang@49.1-10.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14yd-vsj7-e3bv"},{"vulnerability":"VCID-1cn7-ggkr-hqaq"},{"vulnerability":"VCID-1hcf-thw4-z3d2"},{"vulnerability":"VCID-1jj9-3wt9-8yc6"},{"vulnerability":"VCID-2wmc-yahz-pbcj"},{"vulnerability":"VCID-38u7-pvx6-ayb4"},{"vulnerability":"VCID-64mt-9155-tkbv"},{"vulnerability":"VCID-85tq-6shy-hqbz"},{"vulnerability":"VCID-8asg-twgg-9uac"},{"vulnerability":"VCID-92ms-9s91-1ff3"},{"vulnerability":"VCID-d3yq-zqjy-yfh1"},{"vulnerability":"VCID-e4ws-u5nw-vbhx"},{"vulnerability":"VCID-jhx8-w919-akbp"},{"vulnerability":"VCID-ps6d-uqp1-hbe9"},{"vulnerability":"VCID-q6mc-q5jc-7qaq"},{"vulnerability":"VCID-ravv-qx9m-kucw"},{"vulnerability":"VCID-rnmu-ks1d-dbh4"},{"vulnerability":"VCID-taf5-cn63-efhr"},{"vulnerability":"VCID-uusk-yhkq-2uew"},{"vulnerability":"VCID-ws9d-hzqg-suhp"},{"vulnerability":"VCID-xj5e-tw9x-v3be"},{"vulnerability":"VCID-xsdb-g1sd-7kdk"},{"vulnerability":"VCID-y5wa-kc42-3bbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@49.1-10.1"},{"url":"http://public2.vulnerablecode.io/api/packages/5763?format=json","purl":"pkg:deb/debian/erlang@1:11.b.2-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14yd-vsj7-e3bv"},{"vulnerability":"VCID-1cn7-ggkr-hqaq"},{"vulnerability":"VCID-1hcf-thw4-z3d2"},{"vulnerability":"VCID-1jj9-3wt9-8yc6"},{"vulnerability":"VCID-2wmc-yahz-pbcj"},{"vulnerability":"VCID-38u7-pvx6-ayb4"},{"vulnerability":"VCID-64mt-9155-tkbv"},{"vulnerability":"VCID-85tq-6shy-hqbz"},{"vulnerability":"VCID-8asg-twgg-9uac"},{"vulnerability":"VCID-92ms-9s91-1ff3"},{"vulnerability":"VCID-d3yq-zqjy-yfh1"},{"vulnerability":"VCID-e4ws-u5nw-vbhx"},{"vulnerability":"VCID-jhx8-w919-akbp"},{"vulnerability":"VCID-ps6d-uqp1-hbe9"},{"vulnerability":"VCID-q6mc-q5jc-7qaq"},{"vulnerability":"VCID-ravv-qx9m-kucw"},{"vulnerability":"VCID-rnmu-ks1d-dbh4"},{"vulnerability":"VCID-taf5-cn63-efhr"},{"vulnerability":"VCID-uusk-yhkq-2uew"},{"vulnerability":"VCID-ws9d-hzqg-suhp"},{"vulnerability":"VCID-xj5e-tw9x-v3be"},{"vulnerability":"VCID-xsdb-g1sd-7kdk"},{"vulnerability":"VCID-y5wa-kc42-3bbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:11.b.2-4"},{"url":"http://public2.vulnerablecode.io/api/packages/5764?format=json","purl":"pkg:deb/debian/erlang@1:12.b.3-dfsg-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14yd-vsj7-e3bv"},{"vulnerability":"VCID-1cn7-ggkr-hqaq"},{"vulnerability":"VCID-1hcf-thw4-z3d2"},{"vulnerability":"VCID-1jj9-3wt9-8yc6"},{"vulnerability":"VCID-2wmc-yahz-pbcj"},{"vulnerability":"VCID-38u7-pvx6-ayb4"},{"vulnerability":"VCID-64mt-9155-tkbv"},{"vulnerability":"VCID-85tq-6shy-hqbz"},{"vulnerability":"VCID-8asg-twgg-9uac"},{"vulnerability":"VCID-92ms-9s91-1ff3"},{"vulnerability":"VCID-d3yq-zqjy-yfh1"},{"vulnerability":"VCID-e4ws-u5nw-vbhx"},{"vulnerability":"VCID-jhx8-w919-akbp"},{"vulnerability":"VCID-ps6d-uqp1-hbe9"},{"vulnerability":"VCID-q6mc-q5jc-7qaq"},{"vulnerability":"VCID-ravv-qx9m-kucw"},{"vulnerability":"VCID-rnmu-ks1d-dbh4"},{"vulnerability":"VCID-taf5-cn63-efhr"},{"vulnerability":"VCID-uusk-yhkq-2uew"},{"vulnerability":"VCID-ws9d-hzqg-suhp"},{"vulnerability":"VCID-xj5e-tw9x-v3be"},{"vulnerability":"VCID-xsdb-g1sd-7kdk"},{"vulnerability":"VCID-y5wa-kc42-3bbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:12.b.3-dfsg-4"},{"url":"http://public2.vulnerablecode.io/api/packages/5765?format=json","purl":"pkg:deb/debian/erlang@1:14.a-dfsg-3squeeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14yd-vsj7-e3bv"},{"vulnerability":"VCID-1cn7-ggkr-hqaq"},{"vulnerability":"VCID-1hcf-thw4-z3d2"},{"vulnerability":"VCID-1jj9-3wt9-8yc6"},{"vulnerability":"VCID-2wmc-yahz-pbcj"},{"vulnerability":"VCID-38u7-pvx6-ayb4"},{"vulnerability":"VCID-64mt-9155-tkbv"},{"vulnerability":"VCID-85tq-6shy-hqbz"},{"vulnerability":"VCID-8asg-twgg-9uac"},{"vulnerability":"VCID-92ms-9s91-1ff3"},{"vulnerability":"VCID-d3yq-zqjy-yfh1"},{"vulnerability":"VCID-e4ws-u5nw-vbhx"},{"vulnerability":"VCID-jhx8-w919-akbp"},{"vulnerability":"VCID-ps6d-uqp1-hbe9"},{"vulnerability":"VCID-q6mc-q5jc-7qaq"},{"vulnerability":"VCID-ravv-qx9m-kucw"},{"vulnerability":"VCID-rnmu-ks1d-dbh4"},{"vulnerability":"VCID-taf5-cn63-efhr"},{"vulnerability":"VCID-uusk-yhkq-2uew"},{"vulnerability":"VCID-ws9d-hzqg-suhp"},{"vulnerability":"VCID-xj5e-tw9x-v3be"},{"vulnerability":"VCID-xsdb-g1sd-7kdk"},{"vulnerability":"VCID-y5wa-kc42-3bbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:14.a-dfsg-3squeeze1"},{"url":"http://public2.vulnerablecode.io/api/packages/5766?format=json","purl":"pkg:deb/debian/erlang@1:15.b.1-dfsg-4%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14yd-vsj7-e3bv"},{"vulnerability":"VCID-1cn7-ggkr-hqaq"},{"vulnerability":"VCID-1hcf-thw4-z3d2"},{"vulnerability":"VCID-1jj9-3wt9-8yc6"},{"vulnerability":"VCID-2wmc-yahz-pbcj"},{"vulnerability":"VCID-38u7-pvx6-ayb4"},{"vulnerability":"VCID-85tq-6shy-hqbz"},{"vulnerability":"VCID-8asg-twgg-9uac"},{"vulnerability":"VCID-92ms-9s91-1ff3"},{"vulnerability":"VCID-d3yq-zqjy-yfh1"},{"vulnerability":"VCID-e4ws-u5nw-vbhx"},{"vulnerability":"VCID-jhx8-w919-akbp"},{"vulnerability":"VCID-ps6d-uqp1-hbe9"},{"vulnerability":"VCID-q6mc-q5jc-7qaq"},{"vulnerability":"VCID-ravv-qx9m-kucw"},{"vulnerability":"VCID-rnmu-ks1d-dbh4"},{"vulnerability":"VCID-taf5-cn63-efhr"},{"vulnerability":"VCID-uusk-yhkq-2uew"},{"vulnerability":"VCID-ws9d-hzqg-suhp"},{"vulnerability":"VCID-xj5e-tw9x-v3be"},{"vulnerability":"VCID-xsdb-g1sd-7kdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:15.b.1-dfsg-4%252Bdeb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/5767?format=json","purl":"pkg:deb/debian/erlang@1:17.1-dfsg-4~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14yd-vsj7-e3bv"},{"vulnerability":"VCID-1cn7-ggkr-hqaq"},{"vulnerability":"VCID-1hcf-thw4-z3d2"},{"vulnerability":"VCID-1jj9-3wt9-8yc6"},{"vulnerability":"VCID-2wmc-yahz-pbcj"},{"vulnerability":"VCID-38u7-pvx6-ayb4"},{"vulnerability":"VCID-85tq-6shy-hqbz"},{"vulnerability":"VCID-8asg-twgg-9uac"},{"vulnerability":"VCID-92ms-9s91-1ff3"},{"vulnerability":"VCID-d3yq-zqjy-yfh1"},{"vulnerability":"VCID-e4ws-u5nw-vbhx"},{"vulnerability":"VCID-jhx8-w919-akbp"},{"vulnerability":"VCID-ps6d-uqp1-hbe9"},{"vulnerability":"VCID-q6mc-q5jc-7qaq"},{"vulnerability":"VCID-ravv-qx9m-kucw"},{"vulnerability":"VCID-rnmu-ks1d-dbh4"},{"vulnerability":"VCID-uusk-yhkq-2uew"},{"vulnerability":"VCID-ws9d-hzqg-suhp"},{"vulnerability":"VCID-xj5e-tw9x-v3be"},{"vulnerability":"VCID-xsdb-g1sd-7kdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:17.1-dfsg-4~bpo70%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/5768?format=json","purl":"pkg:deb/debian/erlang@1:17.3-dfsg-4~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cn7-ggkr-hqaq"},{"vulnerability":"VCID-1hcf-thw4-z3d2"},{"vulnerability":"VCID-1jj9-3wt9-8yc6"},{"vulnerability":"VCID-2wmc-yahz-pbcj"},{"vulnerability":"VCID-38u7-pvx6-ayb4"},{"vulnerability":"VCID-85tq-6shy-hqbz"},{"vulnerability":"VCID-8asg-twgg-9uac"},{"vulnerability":"VCID-92ms-9s91-1ff3"},{"vulnerability":"VCID-d3yq-zqjy-yfh1"},{"vulnerability":"VCID-e4ws-u5nw-vbhx"},{"vulnerability":"VCID-jhx8-w919-akbp"},{"vulnerability":"VCID-ps6d-uqp1-hbe9"},{"vulnerability":"VCID-q6mc-q5jc-7qaq"},{"vulnerability":"VCID-ravv-qx9m-kucw"},{"vulnerability":"VCID-rnmu-ks1d-dbh4"},{"vulnerability":"VCID-uusk-yhkq-2uew"},{"vulnerability":"VCID-ws9d-hzqg-suhp"},{"vulnerability":"VCID-xj5e-tw9x-v3be"},{"vulnerability":"VCID-xsdb-g1sd-7kdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:17.3-dfsg-4~bpo70%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/5769?format=json","purl":"pkg:deb/debian/erlang@1:17.3-dfsg-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cn7-ggkr-hqaq"},{"vulnerability":"VCID-1hcf-thw4-z3d2"},{"vulnerability":"VCID-1jj9-3wt9-8yc6"},{"vulnerability":"VCID-2wmc-yahz-pbcj"},{"vulnerability":"VCID-38u7-pvx6-ayb4"},{"vulnerability":"VCID-85tq-6shy-hqbz"},{"vulnerability":"VCID-92ms-9s91-1ff3"},{"vulnerability":"VCID-d3yq-zqjy-yfh1"},{"vulnerability":"VCID-e4ws-u5nw-vbhx"},{"vulnerability":"VCID-jhx8-w919-akbp"},{"vulnerability":"VCID-ps6d-uqp1-hbe9"},{"vulnerability":"VCID-q6mc-q5jc-7qaq"},{"vulnerability":"VCID-ravv-qx9m-kucw"},{"vulnerability":"VCID-rnmu-ks1d-dbh4"},{"vulnerability":"VCID-uusk-yhkq-2uew"},{"vulnerability":"VCID-ws9d-hzqg-suhp"},{"vulnerability":"VCID-xj5e-tw9x-v3be"},{"vulnerability":"VCID-xsdb-g1sd-7kdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:17.3-dfsg-4"},{"url":"http://public2.vulnerablecode.io/api/packages/5770?format=json","purl":"pkg:deb/debian/erlang@1:17.3-dfsg-4%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cn7-ggkr-hqaq"},{"vulnerability":"VCID-1hcf-thw4-z3d2"},{"vulnerability":"VCID-1jj9-3wt9-8yc6"},{"vulnerability":"VCID-2wmc-yahz-pbcj"},{"vulnerability":"VCID-38u7-pvx6-ayb4"},{"vulnerability":"VCID-85tq-6shy-hqbz"},{"vulnerability":"VCID-92ms-9s91-1ff3"},{"vulnerability":"VCID-d3yq-zqjy-yfh1"},{"vulnerability":"VCID-e4ws-u5nw-vbhx"},{"vulnerability":"VCID-jhx8-w919-akbp"},{"vulnerability":"VCID-ps6d-uqp1-hbe9"},{"vulnerability":"VCID-q6mc-q5jc-7qaq"},{"vulnerability":"VCID-ravv-qx9m-kucw"},{"vulnerability":"VCID-rnmu-ks1d-dbh4"},{"vulnerability":"VCID-uusk-yhkq-2uew"},{"vulnerability":"VCID-ws9d-hzqg-suhp"},{"vulnerability":"VCID-xj5e-tw9x-v3be"},{"vulnerability":"VCID-xsdb-g1sd-7kdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:17.3-dfsg-4%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5771?format=json","purl":"pkg:deb/debian/erlang@1:19.2.1%2Bdfsg-2~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cn7-ggkr-hqaq"},{"vulnerability":"VCID-1hcf-thw4-z3d2"},{"vulnerability":"VCID-1jj9-3wt9-8yc6"},{"vulnerability":"VCID-2wmc-yahz-pbcj"},{"vulnerability":"VCID-38u7-pvx6-ayb4"},{"vulnerability":"VCID-85tq-6shy-hqbz"},{"vulnerability":"VCID-92ms-9s91-1ff3"},{"vulnerability":"VCID-d3yq-zqjy-yfh1"},{"vulnerability":"VCID-e4ws-u5nw-vbhx"},{"vulnerability":"VCID-jhx8-w919-akbp"},{"vulnerability":"VCID-ps6d-uqp1-hbe9"},{"vulnerability":"VCID-q6mc-q5jc-7qaq"},{"vulnerability":"VCID-ravv-qx9m-kucw"},{"vulnerability":"VCID-rnmu-ks1d-dbh4"},{"vulnerability":"VCID-uusk-yhkq-2uew"},{"vulnerability":"VCID-ws9d-hzqg-suhp"},{"vulnerability":"VCID-xj5e-tw9x-v3be"},{"vulnerability":"VCID-xsdb-g1sd-7kdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:19.2.1%252Bdfsg-2~bpo8%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/5772?format=json","purl":"pkg:deb/debian/erlang@1:19.2.1%2Bdfsg-2%2Bdeb9u1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cn7-ggkr-hqaq"},{"vulnerability":"VCID-1hcf-thw4-z3d2"},{"vulnerability":"VCID-1jj9-3wt9-8yc6"},{"vulnerability":"VCID-2wmc-yahz-pbcj"},{"vulnerability":"VCID-38u7-pvx6-ayb4"},{"vulnerability":"VCID-85tq-6shy-hqbz"},{"vulnerability":"VCID-92ms-9s91-1ff3"},{"vulnerability":"VCID-d3yq-zqjy-yfh1"},{"vulnerability":"VCID-e4ws-u5nw-vbhx"},{"vulnerability":"VCID-jhx8-w919-akbp"},{"vulnerability":"VCID-ps6d-uqp1-hbe9"},{"vulnerability":"VCID-q6mc-q5jc-7qaq"},{"vulnerability":"VCID-ravv-qx9m-kucw"},{"vulnerability":"VCID-rnmu-ks1d-dbh4"},{"vulnerability":"VCID-uusk-yhkq-2uew"},{"vulnerability":"VCID-xj5e-tw9x-v3be"},{"vulnerability":"VCID-xsdb-g1sd-7kdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:19.2.1%252Bdfsg-2%252Bdeb9u1~bpo8%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/5773?format=json","purl":"pkg:deb/debian/erlang@1:19.2.1%2Bdfsg-2%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cn7-ggkr-hqaq"},{"vulnerability":"VCID-1hcf-thw4-z3d2"},{"vulnerability":"VCID-1jj9-3wt9-8yc6"},{"vulnerability":"VCID-2wmc-yahz-pbcj"},{"vulnerability":"VCID-38u7-pvx6-ayb4"},{"vulnerability":"VCID-85tq-6shy-hqbz"},{"vulnerability":"VCID-92ms-9s91-1ff3"},{"vulnerability":"VCID-d3yq-zqjy-yfh1"},{"vulnerability":"VCID-e4ws-u5nw-vbhx"},{"vulnerability":"VCID-jhx8-w919-akbp"},{"vulnerability":"VCID-ps6d-uqp1-hbe9"},{"vulnerability":"VCID-q6mc-q5jc-7qaq"},{"vulnerability":"VCID-ravv-qx9m-kucw"},{"vulnerability":"VCID-rnmu-ks1d-dbh4"},{"vulnerability":"VCID-uusk-yhkq-2uew"},{"vulnerability":"VCID-xj5e-tw9x-v3be"},{"vulnerability":"VCID-xsdb-g1sd-7kdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:19.2.1%252Bdfsg-2%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/151782?format=json","purl":"pkg:rpm/redhat/ansible-tower@3.4.1-2?arch=el7at","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-q6mc-q5jc-7qaq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ansible-tower@3.4.1-2%3Farch=el7at"},{"url":"http://public2.vulnerablecode.io/api/packages/151780?format=json","purl":"pkg:rpm/redhat/cfme@5.10.1.2-2?arch=el7cf","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-q6mc-q5jc-7qaq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cfme@5.10.1.2-2%3Farch=el7cf"},{"url":"http://public2.vulnerablecode.io/api/packages/151773?format=json","purl":"pkg:rpm/redhat/cfme-amazon-smartstate@5.10.1.2-1?arch=el7cf","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-q6mc-q5jc-7qaq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cfme-amazon-smartstate@5.10.1.2-1%3Farch=el7cf"},{"url":"http://public2.vulnerablecode.io/api/packages/151779?format=json","purl":"pkg:rpm/redhat/cfme-appliance@5.10.1.2-1?arch=el7cf","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-q6mc-q5jc-7qaq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cfme-appliance@5.10.1.2-1%3Farch=el7cf"},{"url":"http://public2.vulnerablecode.io/api/packages/151775?format=json","purl":"pkg:rpm/redhat/cfme-gemset@5.10.1.2-1?arch=el7cf","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-q6mc-q5jc-7qaq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cfme-gemset@5.10.1.2-1%3Farch=el7cf"},{"url":"http://public2.vulnerablecode.io/api/packages/151776?format=json","purl":"pkg:rpm/redhat/erlang@18.3.4.7-1?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-q6mc-q5jc-7qaq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/erlang@18.3.4.7-1%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/151774?format=json","purl":"pkg:rpm/redhat/erlang@20.3.8.9-2?arch=el7at","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-q6mc-q5jc-7qaq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/erlang@20.3.8.9-2%3Farch=el7at"},{"url":"http://public2.vulnerablecode.io/api/packages/151781?format=json","purl":"pkg:rpm/redhat/nginx@1:1.14.1-1?arch=el7at","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-q6mc-q5jc-7qaq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nginx@1:1.14.1-1%3Farch=el7at"},{"url":"http://public2.vulnerablecode.io/api/packages/151777?format=json","purl":"pkg:rpm/redhat/rabbitmq-server@3.7.4-2?arch=el7at","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-q6mc-q5jc-7qaq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rabbitmq-server@3.7.4-2%3Farch=el7at"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000385.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000385.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000385","reference_id":"","reference_type":"","scores":[{"value":"0.83321","scoring_system":"epss","scoring_elements":"0.99287","published_at":"2026-06-04T12:55:00Z"},{"value":"0.83321","scoring_system":"epss","scoring_elements":"0.99288","published_at":"2026-06-05T12:55:00Z"},{"value":"0.83321","scoring_system":"epss","scoring_elements":"0.99289","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000385"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000385","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000385"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:C/I:P/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1520400","reference_id":"1520400","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1520400"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0242","reference_id":"RHSA-2018:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0303","reference_id":"RHSA-2018:0303","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0368","reference_id":"RHSA-2018:0368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0528","reference_id":"RHSA-2018:0528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0528"},{"reference_url":"https://usn.ubuntu.com/3571-1/","reference_id":"USN-3571-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3571-1/"}],"weaknesses":[{"cwe_id":300,"name":"Channel Accessible by Non-Endpoint","description":"The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint."}],"exploits":[{"date_added":null,"description":"Some TLS implementations handle errors processing RSA key exchanges and\n        encryption (PKCS #1 v1.5 messages) in a broken way that leads an\n        adaptive chosen-chiphertext attack. Attackers cannot recover a server's\n        private key, but they can decrypt and sign messages with it. A strong\n        oracle occurs when the TLS server does not strictly check message\n        formatting and needs less than a million requests on average to decode\n        a given ciphertext. A weak oracle server strictly checks message\n        formatting and often requires many more requests to perform the attack.\n\n        This module requires Python 3 with the gmpy2 and cryptography packages\n        to be present.","required_action":null,"due_date":null,"notes":"AKA:\n  - ROBOT\n  - Adaptive chosen-ciphertext attack\n","known_ransomware_campaign_use":false,"source_date_published":"2009-06-17","exploit_type":null,"platform":"","source_date_updated":null,"data_source":"Metasploit","source_url":"https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/scanner/ssl/bleichenbacher_oracle.py"}],"severity_range_score":"6.1 - 6.5","exploitability":"2.0","weighted_severity":"5.9","risk_score":10.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q6mc-q5jc-7qaq"}