[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-7055":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":19,"duplicate_of":9,"upstream":20,"downstream":21,"duplicates":46,"related":47,"reserved_at":9,"published_at":54,"modified_at":55,"state":56,"summary":57,"references_raw":66,"kevs":140,"epss":141,"epss_history":144,"metrics":408,"affected":419},"CVE-2016-7055","There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is because the subroutine in question is not used in operations with the private key itself and an input of the attacker's direct choice. Otherwise the bug can manifest itself as transient authentication and key negotiation failures or reproducible erroneous outcome of public-key operations with specially crafted input. Among EC algorithms only Brainpool P-512 curves are affected and one presumably can attack ECDH key negotiation. Impact was not analyzed in detail, because pre-requisites for attack are considered unlikely. Namely multiple clients have to choose the curve in question and the server has to share the private key among them, neither of which is default behaviour. Even then only clients that chose the curve will be affected.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-NOINFO","Insufficient Information","NVD uses this CWE ID when there is insufficient information to assign a specific CWE.","placeholder","NVD-Reserved",[],[],[],[],[22,24,26,28,30,32,34,36,38,40,42,44],{"_key":23},"ALPINE-CVE-2016-7055",{"_key":25},"OPENSUSE-SU-2024:11127-1",{"_key":27},"SUSE-SU-2017:0431-1",{"_key":29},"SUSE-SU-2017:0441-1",{"_key":31},"SUSE-SU-2017:0855-1",{"_key":33},"OPENSUSE-SU-2024:11126-1",{"_key":35},"MGASA-2017-0042",{"_key":37},"UBUNTU-CVE-2016-7055",{"_key":39},"USN-3181-1",{"_key":41},"DEBIAN-CVE-2016-7055",{"_key":43},"RHSA-2018:2185",{"_key":45},"RHSA-2018:2186",[],[48,49,50,51,52,53],{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},"2017-05-04T20:00:00.000Z","2024-08-06T01:50:46.654Z","Modified",{"cisa_kev":58,"cisa_ransomware":58,"cisa_vendor":9,"epss_severity":59,"epss_score":60,"severity":61,"severity_score":62,"severity_version":63,"severity_source":64,"severity_vector":65,"severity_status":56},false,"low",0.02693,"medium",5.9,"v3.1","nvd","CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",[67,75,79,85,90,95,99,103,108,112,118,122,126,130,135],{"url":68,"sources":69,"tags":71},"https://access.redhat.com/errata/RHSA-2018:2185",[70,64],"cve.org",[72,73,74],"Vendor Advisory","X Refsource REDHAT","Third Party Advisory",{"url":76,"sources":77,"tags":78},"https://access.redhat.com/errata/RHSA-2018:2186",[70,64],[72,73,74],{"url":80,"sources":81,"tags":82},"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",[70,64],[83,84,74],"X Refsource CONFIRM","Patch",{"url":86,"sources":87,"tags":88},"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03744en_us",[70,64],[83,74,89],"VDB Entry",{"url":91,"sources":92,"tags":93},"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:02.openssl.asc",[70,64],[72,94,74],"X Refsource FREEBSD",{"url":96,"sources":97,"tags":98},"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",[70,64],[83,84,74],{"url":100,"sources":101,"tags":102},"https://www.tenable.com/security/tns-2017-04",[70,64],[83,74],{"url":104,"sources":105,"tags":106},"https://security.gentoo.org/glsa/201702-07",[70,64],[72,107,74],"X Refsource GENTOO",{"url":109,"sources":110,"tags":111},"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",[70,64],[83,84,74],{"url":113,"sources":114,"tags":115},"http://www.securityfocus.com/bid/94242",[70,64],[89,116,74,117],"X Refsource BID","US Government Resource",{"url":119,"sources":120,"tags":121},"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03752en_us",[70,64],[83,74],{"url":123,"sources":124,"tags":125},"https://access.redhat.com/errata/RHSA-2018:2187",[70,64],[72,73,74],{"url":127,"sources":128,"tags":129},"https://www.openssl.org/news/secadv/20161110.txt",[70,64],[83,72],{"url":131,"sources":132,"tags":133},"http://www.securitytracker.com/id/1037261",[70,64],[89,134,74],"X Refsource SECTRACK",{"url":136,"sources":137,"tags":138},"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",[70,64],[139,84,74],"X Refsource MISC",[],{"date":142,"score":60,"percentile":143},"2026-06-04",0.86146,[145,149,152,155,158,161,163,165,168,171,174,177,179,181,184,187,190,193,196,199,202,205,208,210,213,216,219,222,225,228,231,234,237,241,244,246,249,252,255,258,261,264,266,269,272,275,278,281,284,287,290,293,296,299,303,306,309,311,314,317,320,323,326,329,332,335,338,341,344,347,350,352,355,358,361,364,368,371,374,377,380,384,387,390,392,394,396,399,402,405],{"date":146,"score":147,"percentile":148},"2025-11-04",0.09182,0.92331,{"date":150,"score":147,"percentile":151},"2025-11-05",0.92332,{"date":153,"score":147,"percentile":154},"2025-11-06",0.92333,{"date":156,"score":147,"percentile":157},"2025-11-07",0.92336,{"date":159,"score":147,"percentile":160},"2025-11-08",0.92334,{"date":162,"score":147,"percentile":151},"2025-11-09",{"date":164,"score":147,"percentile":151},"2025-11-10",{"date":166,"score":147,"percentile":167},"2025-11-11",0.92337,{"date":169,"score":147,"percentile":170},"2025-11-12",0.92344,{"date":172,"score":147,"percentile":173},"2025-11-13",0.92347,{"date":175,"score":147,"percentile":176},"2025-11-14",0.9235,{"date":178,"score":147,"percentile":170},"2025-11-15",{"date":180,"score":147,"percentile":176},"2025-11-16",{"date":182,"score":147,"percentile":183},"2025-11-17",0.92348,{"date":185,"score":147,"percentile":186},"2025-11-18",0.91849,{"date":188,"score":147,"percentile":189},"2025-11-19",0.91852,{"date":191,"score":147,"percentile":192},"2025-11-20",0.91857,{"date":194,"score":147,"percentile":195},"2025-11-21",0.9236,{"date":197,"score":147,"percentile":198},"2025-11-22",0.92359,{"date":200,"score":147,"percentile":201},"2025-11-23",0.92364,{"date":203,"score":147,"percentile":204},"2025-11-24",0.92365,{"date":206,"score":147,"percentile":207},"2025-11-25",0.92366,{"date":209,"score":147,"percentile":204},"2025-11-26",{"date":211,"score":147,"percentile":212},"2025-11-27",0.92363,{"date":214,"score":147,"percentile":215},"2025-11-28",0.92354,{"date":217,"score":147,"percentile":218},"2025-11-29",0.92372,{"date":220,"score":147,"percentile":221},"2025-11-30",0.92369,{"date":223,"score":147,"percentile":224},"2025-12-01",0.92416,{"date":226,"score":147,"percentile":227},"2025-12-02",0.92421,{"date":229,"score":147,"percentile":230},"2025-12-03",0.92424,{"date":232,"score":147,"percentile":233},"2025-12-04",0.92378,{"date":235,"score":147,"percentile":236},"2025-12-05",0.92382,{"date":238,"score":239,"percentile":240},"2025-12-06",0.06977,0.91076,{"date":242,"score":239,"percentile":243},"2025-12-07",0.91074,{"date":245,"score":239,"percentile":243},"2025-12-08",{"date":247,"score":239,"percentile":248},"2025-12-09",0.91077,{"date":250,"score":239,"percentile":251},"2025-12-10",0.91083,{"date":253,"score":239,"percentile":254},"2025-12-11",0.91089,{"date":256,"score":239,"percentile":257},"2025-12-12",0.91092,{"date":259,"score":239,"percentile":260},"2025-12-13",0.91082,{"date":262,"score":239,"percentile":263},"2025-12-14",0.91081,{"date":265,"score":239,"percentile":251},"2025-12-15",{"date":267,"score":239,"percentile":268},"2025-12-16",0.91094,{"date":270,"score":239,"percentile":271},"2025-12-17",0.91103,{"date":273,"score":239,"percentile":274},"2025-12-18",0.91106,{"date":276,"score":239,"percentile":277},"2025-12-19",0.91107,{"date":279,"score":239,"percentile":280},"2025-12-20",0.91108,{"date":282,"score":239,"percentile":283},"2025-12-21",0.91117,{"date":285,"score":239,"percentile":286},"2025-12-22",0.91112,{"date":288,"score":239,"percentile":289},"2025-12-23",0.91122,{"date":291,"score":239,"percentile":292},"2025-12-24",0.91129,{"date":294,"score":239,"percentile":295},"2025-12-25",0.91131,{"date":297,"score":239,"percentile":298},"2025-12-26",0.9113,{"date":300,"score":301,"percentile":302},"2025-12-27",0.08328,0.92001,{"date":304,"score":239,"percentile":305},"2025-12-28",0.91128,{"date":307,"score":239,"percentile":308},"2025-12-29",0.91124,{"date":310,"score":239,"percentile":292},"2025-12-30",{"date":312,"score":239,"percentile":313},"2025-12-31",0.91138,{"date":315,"score":239,"percentile":316},"2026-01-01",0.91204,{"date":318,"score":239,"percentile":319},"2026-01-02",0.91199,{"date":321,"score":239,"percentile":322},"2026-01-03",0.91197,{"date":324,"score":239,"percentile":325},"2026-01-04",0.91149,{"date":327,"score":239,"percentile":328},"2026-01-05",0.91148,{"date":330,"score":239,"percentile":331},"2026-01-06",0.91152,{"date":333,"score":239,"percentile":334},"2026-01-07",0.91154,{"date":336,"score":239,"percentile":337},"2026-01-08",0.91156,{"date":339,"score":239,"percentile":340},"2026-01-09",0.91161,{"date":342,"score":239,"percentile":343},"2026-01-10",0.91164,{"date":345,"score":239,"percentile":346},"2026-01-11",0.91157,{"date":348,"score":239,"percentile":349},"2026-01-12",0.91158,{"date":351,"score":239,"percentile":337},"2026-01-13",{"date":353,"score":239,"percentile":354},"2026-01-14",0.91168,{"date":356,"score":239,"percentile":357},"2026-01-15",0.91173,{"date":359,"score":239,"percentile":360},"2026-01-16",0.91175,{"date":362,"score":239,"percentile":363},"2026-01-17",0.91179,{"date":365,"score":366,"percentile":367},"2026-01-18",0.02055,0.83438,{"date":369,"score":366,"percentile":370},"2026-01-19",0.83434,{"date":372,"score":366,"percentile":373},"2026-01-20",0.83441,{"date":375,"score":366,"percentile":376},"2026-01-21",0.83447,{"date":378,"score":366,"percentile":379},"2026-01-22",0.83453,{"date":381,"score":382,"percentile":383},"2026-01-23",0.02,0.83259,{"date":385,"score":382,"percentile":386},"2026-01-24",0.83268,{"date":388,"score":382,"percentile":389},"2026-01-25",0.8326,{"date":391,"score":382,"percentile":383},"2026-01-26",{"date":393,"score":382,"percentile":383},"2026-01-27",{"date":395,"score":382,"percentile":389},"2026-01-28",{"date":397,"score":382,"percentile":398},"2026-01-29",0.83262,{"date":400,"score":382,"percentile":401},"2026-01-30",0.83265,{"date":403,"score":382,"percentile":404},"2026-01-31",0.8327,{"date":406,"score":382,"percentile":407},"2026-02-01",0.83344,[409],{"source":64,"cvss_v2_0":410,"cvss_v3_0":9,"cvss_v3_1":415,"cvss_v4_0":9},{"baseScore":411,"baseSeverity":9,"vectorString":412,"impactScore":413,"exploitabilityScore":414},2.6,"AV:N/AC:H/Au:N/C:N/I:N/A:P",2.9,4.9,{"baseScore":62,"baseSeverity":416,"vectorString":65,"impactScore":417,"exploitabilityScore":418},"MEDIUM",6,5.6,[420,449],{"ecosystem":9,"name":421,"vendor":422,"product":421,"cpe_part":423,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":424},"node.js","nodejs","a",[425,432,437,441,445],{"version":426,"is_range":427,"range_type":428,"version_start":429,"version_start_type":430,"version_end":431,"version_end_type":430,"fixed_in":9},"gte4.0.0_lte4.1.2",true,"cpe","4.0.0","including","4.1.2",{"version":433,"is_range":427,"range_type":428,"version_start":434,"version_start_type":430,"version_end":435,"version_end_type":436,"fixed_in":9},"gte4.2.0_lt4.7.3","4.2.0","4.7.3","excluding",{"version":438,"is_range":427,"range_type":428,"version_start":439,"version_start_type":430,"version_end":440,"version_end_type":430,"fixed_in":9},"gte6.0.0_lte6.8.1","6.0.0","6.8.1",{"version":442,"is_range":427,"range_type":428,"version_start":443,"version_start_type":430,"version_end":444,"version_end_type":436,"fixed_in":9},"gte6.9.0_lt6.9.5","6.9.0","6.9.5",{"version":446,"is_range":427,"range_type":428,"version_start":447,"version_start_type":430,"version_end":448,"version_end_type":436,"fixed_in":9},"gte7.0.0_lt7.5.0","7.0.0","7.5.0",{"ecosystem":9,"name":450,"vendor":9,"product":450,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":451},"OpenSSL",[452,456],{"version":453,"is_range":427,"range_type":428,"version_start":454,"version_start_type":430,"version_end":455,"version_end_type":436,"fixed_in":9},"gte1.0.2_lt1.0.2k","1.0.2","1.0.2k",{"version":457,"is_range":427,"range_type":428,"version_start":458,"version_start_type":430,"version_end":459,"version_end_type":436,"fixed_in":9},"gte1.1.0_lt1.1.0c","1.1.0","1.1.0c"]