Search for vulnerabilities
Vulnerability details: VCID-15zh-e7r1-9ug1
Vulnerability ID VCID-15zh-e7r1-9ug1
Aliases CVE-2016-7054
Summary openssl: Corrupting larger payloads when using ChaCha20/Poly1305 ciphersuites leads to DoS
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-122 Heap-based Buffer Overflow
System Score Found at
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7054.json
epss 0.25482 https://api.first.org/data/v1/epss?cve=CVE-2016-7054
epss 0.25482 https://api.first.org/data/v1/epss?cve=CVE-2016-7054
epss 0.25482 https://api.first.org/data/v1/epss?cve=CVE-2016-7054
epss 0.25482 https://api.first.org/data/v1/epss?cve=CVE-2016-7054
epss 0.25482 https://api.first.org/data/v1/epss?cve=CVE-2016-7054
epss 0.25482 https://api.first.org/data/v1/epss?cve=CVE-2016-7054
epss 0.25482 https://api.first.org/data/v1/epss?cve=CVE-2016-7054
epss 0.25482 https://api.first.org/data/v1/epss?cve=CVE-2016-7054
epss 0.25482 https://api.first.org/data/v1/epss?cve=CVE-2016-7054
epss 0.25482 https://api.first.org/data/v1/epss?cve=CVE-2016-7054
epss 0.25482 https://api.first.org/data/v1/epss?cve=CVE-2016-7054
epss 0.25482 https://api.first.org/data/v1/epss?cve=CVE-2016-7054
archlinux High https://security.archlinux.org/AVG-143
archlinux High https://security.archlinux.org/AVG-144
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7054.json
https://api.first.org/data/v1/epss?cve=CVE-2016-7054
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7054
1393920 https://bugzilla.redhat.com/show_bug.cgi?id=1393920
AVG-143 https://security.archlinux.org/AVG-143
AVG-144 https://security.archlinux.org/AVG-144
CVE-2016-7054 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/40899.py
Data source Exploit-DB
Date added Dec. 11, 2016
Description OpenSSL 1.1.0a/1.1.0b - Denial of Service
Ransomware campaign use Unknown
Source publication date Dec. 11, 2016
Exploit type dos
Platform linux
Source update date Dec. 12, 2016
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7054.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.95988
EPSS Score 0.25482
Published At Aug. 6, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T10:55:44.330187+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7054.json 37.0.0