VulnerableCode Vulnerability Details

System	Score	Found at
generic_textual	Medium	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
generic_textual	High	http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2107.html
rhas	Important	https://access.redhat.com/errata/RHSA-2016:0722
rhas	Important	https://access.redhat.com/errata/RHSA-2016:0996
rhas	Important	https://access.redhat.com/errata/RHSA-2016:2073
rhas	Important	https://access.redhat.com/errata/RHSA-2016:2957
epss	0.78538	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.78538	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.78538	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.78538	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.79137	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.79137	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.81985	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.82039	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.96812	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.96812	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.96812	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.96903	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.96903	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.96903	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.97018	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.97068	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss	0.97068	https://api.first.org/data/v1/epss?cve=CVE-2016-2107
rhbs	medium	https://bugzilla.redhat.com/show_bug.cgi?id=1331426
generic_textual	Low	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2105
generic_textual	Low	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2106
generic_textual	High	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2107
generic_textual	High	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2109
cvssv2	7.1	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	8.1	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149
generic_textual	HIGH	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149
cvssv3.1	8.1	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
generic_textual	HIGH	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
cvssv2	2.6	https://nvd.nist.gov/vuln/detail/CVE-2016-2107
cvssv3	5.9	https://nvd.nist.gov/vuln/detail/CVE-2016-2107
cvssv3.1	5.9	https://nvd.nist.gov/vuln/detail/CVE-2016-2107
generic_textual	Medium	https://support.apple.com/HT206903
generic_textual	Medium	https://ubuntu.com/security/notices/USN-2959-1
generic_textual	Low	https://www.openssl.org/news/secadv/20160503.txt
cvssv3.1	6.1	https://www.tenable.com/security/tns-2016-18
generic_textual	HIGH	https://www.tenable.com/security/tns-2016-18
cvssv3.1	7.5	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
generic_textual	HIGH	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
cvssv3.1	9.8	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
generic_textual	CRITICAL	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
cvssv3.1	9.8	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
generic_textual	CRITICAL	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
cvssv3.1	9.8	http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
generic_textual	CRITICAL	http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
cvssv3.1	8.1	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
generic_textual	HIGH	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
cvssv3.1	7.5	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
generic_textual	HIGH	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
cvssv3.1	5.9	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
generic_textual	MODERATE	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
cvssv3.1	8.8	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
generic_textual	HIGH	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
cvssv3.1	8.8	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
generic_textual	HIGH	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

System

Score

Found at

generic_textual

Medium

http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html

generic_textual

High

http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2107.html

rhas

Important

https://access.redhat.com/errata/RHSA-2016:0722

rhas

Important

https://access.redhat.com/errata/RHSA-2016:0996

rhas

Important

https://access.redhat.com/errata/RHSA-2016:2073

rhas

Important

https://access.redhat.com/errata/RHSA-2016:2957

epss

0.78538

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.78538

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.78538

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.78538

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.79137

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.79137

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.81985

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.82039

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.96812

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.96812

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.96812

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.96903

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.96903

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.96903

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.97018

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.97068

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

epss

0.97068

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

rhbs

medium

https://bugzilla.redhat.com/show_bug.cgi?id=1331426

generic_textual

Low

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2105

generic_textual

Low

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2106

generic_textual

High

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2107

generic_textual

High

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2109

cvssv2

7.1

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

cvssv3.1

8.1

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149

generic_textual

HIGH

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149

cvssv3.1

8.1

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

generic_textual

HIGH

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

cvssv2

2.6

https://nvd.nist.gov/vuln/detail/CVE-2016-2107

cvssv3

5.9

https://nvd.nist.gov/vuln/detail/CVE-2016-2107

cvssv3.1

5.9

https://nvd.nist.gov/vuln/detail/CVE-2016-2107

generic_textual

Medium

https://support.apple.com/HT206903

generic_textual

Medium

https://ubuntu.com/security/notices/USN-2959-1

generic_textual

Low

https://www.openssl.org/news/secadv/20160503.txt

cvssv3.1

6.1

https://www.tenable.com/security/tns-2016-18

generic_textual

HIGH

https://www.tenable.com/security/tns-2016-18

cvssv3.1

7.5

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

generic_textual

HIGH

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

cvssv3.1

9.8

http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

generic_textual

CRITICAL

http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

cvssv3.1

9.8

http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

generic_textual

CRITICAL

http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

cvssv3.1

9.8

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

generic_textual

CRITICAL

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

cvssv3.1

8.1

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

generic_textual

HIGH

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

cvssv3.1

7.5

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

generic_textual

HIGH

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

cvssv3.1

5.9

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

generic_textual

MODERATE

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

cvssv3.1

8.8

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

generic_textual

HIGH

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

cvssv3.1

8.8

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

generic_textual

HIGH

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

Reference id	Reference type	URL
		http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759
		http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
		http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html
		http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html
		http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html
		http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html
		http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html
		http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html
		http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html
		http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html
		http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html
		http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html
		http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html
		http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html
		http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2107.html
		http://rhn.redhat.com/errata/RHSA-2016-0722.html
		http://rhn.redhat.com/errata/RHSA-2016-0996.html
		http://rhn.redhat.com/errata/RHSA-2016-2073.html
		http://rhn.redhat.com/errata/RHSA-2016-2957.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2107.json
		https://api.first.org/data/v1/epss?cve=CVE-2016-2107
		https://blog.cloudflare.com/yet-another-padding-oracle-in-openssl-cbc-ciphersuites/
		https://bto.bluecoat.com/security-advisory/sa123
		https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2105
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2106
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2107
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2109
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://github.com/openssl/openssl/commit/68595c0c2886e7942a14f98c17a55a88afb6c292
		https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=68595c0c2886e7942a14f98c17a55a88afb6c292
		https://git.openssl.org/?p=openssl.git;a=commit;h=68595c0c2886e7942a14f98c17a55a88afb6c292
		https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us
		https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03728en_us
		https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us
		https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us
		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862
		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149
		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804
		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
		https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202
		https://kc.mcafee.com/corporate/index?page=content&id=SB10160
		http://source.android.com/security/bulletin/2016-07-01.html
		https://security.gentoo.org/glsa/201612-16
		https://security.netapp.com/advisory/ntap-20160504-0001/
		https://support.apple.com/HT206903
		https://ubuntu.com/security/notices/USN-2959-1
		http://support.citrix.com/article/CTX212736
		https://www.exploit-db.com/exploits/39768/
		https://www.freebsd.org/security/advisories/FreeBSD-SA-16:17.openssl.asc
		https://www.openssl.org/news/secadv/20160503.txt
		https://www.tenable.com/security/tns-2016-18
		http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl
		http://www.debian.org/security/2016/dsa-3566
		http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
		http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
		http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
		http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
		http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
		http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
		http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
		http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
		http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
		http://www.securityfocus.com/bid/89760
		http://www.securityfocus.com/bid/91787
		http://www.securitytracker.com/id/1035721
		http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103
		http://www.ubuntu.com/usn/USN-2959-1
1331426		https://bugzilla.redhat.com/show_bug.cgi?id=1331426
cpe:2.3:a:hp:helion_openstack:2.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.0:::::::*
cpe:2.3:a:hp:helion_openstack:2.0.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.0.0:::::::*
cpe:2.3:a:hp:helion_openstack:2.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.1:::::::*
cpe:2.3:a:hp:helion_openstack:2.1.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.1.0:::::::*
cpe:2.3:a:hp:helion_openstack:2.1.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.1.2:::::::*
cpe:2.3:a:hp:helion_openstack:2.1.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.1.4:::::::*
cpe:2.3:a:nodejs:node.js::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js::::::::
cpe:2.3:a:nodejs:node.js:::::-:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:::::-:::*
cpe:2.3:a:nodejs:node.js:6.0.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.0.0:::::::*
cpe:2.3:a:nodejs:node.js:::::lts:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:::::lts:::*
cpe:2.3:a:openssl:openssl::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl::::::::
cpe:2.3:a:openssl:openssl:1.0.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2:::::::*
cpe:2.3:a:openssl:openssl:1.0.2a:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2a:::::::*
cpe:2.3:a:openssl:openssl:1.0.2b:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2b:::::::*
cpe:2.3:a:openssl:openssl:1.0.2:beta1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2:beta1::::::
cpe:2.3:a:openssl:openssl:1.0.2:beta2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2:beta2::::::
cpe:2.3:a:openssl:openssl:1.0.2:beta3::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2:beta3::::::
cpe:2.3:a:openssl:openssl:1.0.2c:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2c:::::::*
cpe:2.3:a:openssl:openssl:1.0.2d:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2d:::::::*
cpe:2.3:a:openssl:openssl:1.0.2e:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2e:::::::*
cpe:2.3:a:openssl:openssl:1.0.2f:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2f:::::::*
cpe:2.3:a:openssl:openssl:1.0.2g:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2g:::::::*
cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:google:android:4.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0:::::::*
cpe:2.3:o:google:android:4.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.1:::::::*
cpe:2.3:o:google:android:4.0.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.2:::::::*
cpe:2.3:o:google:android:4.0.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.3:::::::*
cpe:2.3:o:google:android:4.0.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.4:::::::*
cpe:2.3:o:google:android:4.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1:::::::*
cpe:2.3:o:google:android:4.1.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.2:::::::*
cpe:2.3:o:google:android:4.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2:::::::*
cpe:2.3:o:google:android:4.2.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.1:::::::*
cpe:2.3:o:google:android:4.2.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.2:::::::*
cpe:2.3:o:google:android:4.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3:::::::*
cpe:2.3:o:google:android:4.3.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3.1:::::::*
cpe:2.3:o:google:android:4.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4:::::::*
cpe:2.3:o:google:android:4.4.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.1:::::::*
cpe:2.3:o:google:android:4.4.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.2:::::::*
cpe:2.3:o:google:android:4.4.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.3:::::::*
cpe:2.3:o:google:android:5.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0:::::::*
cpe:2.3:o:google:android:5.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.1:::::::*
cpe:2.3:o:google:android:5.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1:::::::*
cpe:2.3:o:google:android:5.1.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.0:::::::*
cpe:2.3:o:opensuse:leap:42.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
cpe:2.3:o:opensuse:opensuse:13.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2016-2107	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/39768.txt
CVE-2016-2107		https://nvd.nist.gov/vuln/detail/CVE-2016-2107
CVE-2016-2107	Exploit	http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html
RHSA-2016:0722		https://access.redhat.com/errata/RHSA-2016:0722
RHSA-2016:0996		https://access.redhat.com/errata/RHSA-2016:0996
RHSA-2016:2073		https://access.redhat.com/errata/RHSA-2016:2073
RHSA-2016:2957		https://access.redhat.com/errata/RHSA-2016:2957
USN-2959-1		https://usn.ubuntu.com/2959-1/

Reference id

Reference type

URL

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759

http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html

http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html

http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2107.html

http://rhn.redhat.com/errata/RHSA-2016-0722.html

http://rhn.redhat.com/errata/RHSA-2016-0996.html

http://rhn.redhat.com/errata/RHSA-2016-2073.html

http://rhn.redhat.com/errata/RHSA-2016-2957.html

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2107.json

https://api.first.org/data/v1/epss?cve=CVE-2016-2107

https://blog.cloudflare.com/yet-another-padding-oracle-in-openssl-cbc-ciphersuites/

https://bto.bluecoat.com/security-advisory/sa123

https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2105

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2106

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2107

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2109

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

https://github.com/openssl/openssl/commit/68595c0c2886e7942a14f98c17a55a88afb6c292

https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=68595c0c2886e7942a14f98c17a55a88afb6c292

https://git.openssl.org/?p=openssl.git;a=commit;h=68595c0c2886e7942a14f98c17a55a88afb6c292

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03728en_us

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202

https://kc.mcafee.com/corporate/index?page=content&id=SB10160

http://source.android.com/security/bulletin/2016-07-01.html

https://security.gentoo.org/glsa/201612-16

https://security.netapp.com/advisory/ntap-20160504-0001/

https://support.apple.com/HT206903

https://ubuntu.com/security/notices/USN-2959-1

http://support.citrix.com/article/CTX212736

https://www.exploit-db.com/exploits/39768/

https://www.freebsd.org/security/advisories/FreeBSD-SA-16:17.openssl.asc

https://www.openssl.org/news/secadv/20160503.txt

https://www.tenable.com/security/tns-2016-18

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl

http://www.debian.org/security/2016/dsa-3566

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

http://www.securityfocus.com/bid/89760

http://www.securityfocus.com/bid/91787

http://www.securitytracker.com/id/1035721

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103

http://www.ubuntu.com/usn/USN-2959-1

1331426

https://bugzilla.redhat.com/show_bug.cgi?id=1331426

cpe:2.3:a:hp:helion_openstack:2.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.0:*:*:*:*:*:*:*

cpe:2.3:a:hp:helion_openstack:2.0.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:hp:helion_openstack:2.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.1:*:*:*:*:*:*:*

cpe:2.3:a:hp:helion_openstack:2.1.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.1.0:*:*:*:*:*:*:*

cpe:2.3:a:hp:helion_openstack:2.1.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:hp:helion_openstack:2.1.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.1.4:*:*:*:*:*:*:*

cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*

cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*

cpe:2.3:a:nodejs:node.js:6.0.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.0.0:*:*:*:*:*:*:*

cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*

cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*

cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*

cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*

cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*

cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*

cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*

cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*

cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*

cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*

cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*

cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*

cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*

cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*

cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*

cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*

cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*

cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*

cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*

cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

CVE-2016-2107

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/39768.txt

CVE-2016-2107

https://nvd.nist.gov/vuln/detail/CVE-2016-2107

CVE-2016-2107

Exploit

http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html

RHSA-2016:0722

https://access.redhat.com/errata/RHSA-2016:0722

RHSA-2016:0996

https://access.redhat.com/errata/RHSA-2016:0996

RHSA-2016:2073

https://access.redhat.com/errata/RHSA-2016:2073

RHSA-2016:2957

https://access.redhat.com/errata/RHSA-2016:2957

USN-2959-1

https://usn.ubuntu.com/2959-1/

Data source	Exploit-DB
Date added	May 4, 2016
Description	OpenSSL - Padding Oracle in AES-NI CBC MAC Check
Ransomware campaign use	Known
Source publication date	May 4, 2016
Exploit type	dos
Platform	multiple
Source update date	May 4, 2016
Source URL	http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html

Exploit-DB

May 4, 2016

OpenSSL - Padding Oracle in AES-NI CBC MAC Check

Known

May 4, 2016

dos

multiple

May 4, 2016

http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html

Vector: AV:N/AC:M/Au:N/C:C/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2016-2107

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2016-2107

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2016-2107

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://www.tenable.com/security/tns-2016-18

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

There are no relevant records.

Vulnerability ID	VCID-cg17-ah7e-aaag
Aliases	CVE-2016-2107 VC-OPENSSL-20160503-CVE-2016-2107
Summary	The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.
Status	Published
Exploitability	2.0
Weighted Severity	8.0
Risk	10.0
Affected and Fixed Packages	Package Details

CWE-310	Cryptographic Issues
CWE-200	Exposure of Sensitive Information to an Unauthorized Actor

Percentile	0.98966
EPSS Score	0.78538
Published At	May 1, 2025, 12:55 p.m.