[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-1563":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":145,"aliases":146,"duplicate_of":9,"upstream":147,"downstream":148,"duplicates":209,"related":210,"reserved_at":9,"published_at":230,"modified_at":231,"state":232,"summary":233,"references_raw":242,"kevs":375,"epss":376,"epss_history":379,"metrics":651,"affected":662},"CVE-2019-1563","In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).",null,[11,23],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-203","Observable Discrepancy","The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.","weakness","Incomplete","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-189","Black Box Reverse Engineering",[],{"_key":24,"id":24,"name":25,"description":26,"type":15,"status":27,"abstraction":28,"likelihood_of_exploit":29,"capec":30},"CWE-327","Use of a Broken or Risky Cryptographic Algorithm","The product uses a broken or risky cryptographic algorithm or protocol.","Draft","Class","High",[31,35,39,129,133,137,141],{"id":32,"name":33,"techniques":34},"CAPEC-20","Encryption Brute Forcing",[],{"id":36,"name":37,"techniques":38},"CAPEC-459","Creating a Rogue Certification Authority Certificate",[],{"id":40,"name":41,"techniques":42},"CAPEC-473","Signature Spoof",[43,120],{"id":44,"name":45,"tactics":46,"countermeasures":53},"T1036.001","Invalid Code Signature",[47,50],{"id":48,"name":49},"TA0030","Defense Evasion",{"id":51,"name":52},"TA0005","Stealth",[54,59,63,67,71,76,81,86,91,96,100,104,108,112,116],{"id":55,"name":56,"tactic":57},"D3-FA","File Analysis",{"name":58},"Detect",{"id":60,"name":61,"tactic":62},"D3-FIM","File Integrity Monitoring",{"name":58},{"id":64,"name":65,"tactic":66},"D3-DA","Dynamic Analysis",{"name":58},{"id":68,"name":69,"tactic":70},"D3-EFA","Emulated File Analysis",{"name":58},{"id":72,"name":73,"tactic":74},"D3-FEV","File Eviction",{"name":75},"Evict",{"id":77,"name":78,"tactic":79},"D3-DF","Decoy File",{"name":80},"Deceive",{"id":82,"name":83,"tactic":84},"D3-FE","File Encryption",{"name":85},"Harden",{"id":87,"name":88,"tactic":89},"D3-RF","Restore File",{"name":90},"Restore",{"id":92,"name":93,"tactic":94},"D3-CF","Content Filtering",{"name":95},"Isolate",{"id":97,"name":98,"tactic":99},"D3-LFP","Local File Permissions",{"name":95},{"id":101,"name":102,"tactic":103},"D3-RFAM","Remote File Access Mediation",{"name":95},{"id":105,"name":106,"tactic":107},"D3-CQ","Content Quarantine",{"name":95},{"id":109,"name":110,"tactic":111},"D3-CM","Content Modification",{"name":95},{"id":113,"name":114,"tactic":115},"D3-EAL","Executable Allowlisting",{"name":95},{"id":117,"name":118,"tactic":119},"D3-EDL","Executable Denylisting",{"name":95},{"id":121,"name":122,"tactics":123,"countermeasures":128},"T1553.002","Code Signing",[124,125],{"id":48,"name":49},{"id":126,"name":127},"TA0112","Defense Impairment",[],{"id":130,"name":131,"techniques":132},"CAPEC-475","Signature Spoofing by Improper Validation",[],{"id":134,"name":135,"techniques":136},"CAPEC-608","Cryptanalysis of Cellular Encryption",[],{"id":138,"name":139,"techniques":140},"CAPEC-614","Rooting SIM Cards",[],{"id":142,"name":143,"techniques":144},"CAPEC-97","Cryptanalysis",[],[],[],[],[149,151,153,155,157,159,161,163,165,167,169,171,173,175,177,179,181,183,185,187,189,191,193,195,197,199,201,203,205,207],{"_key":150},"ALPINE-CVE-2019-1563",{"_key":152},"SUSE-SU-2020:2634-1",{"_key":154},"OPENSUSE-SU-2019:2268-1",{"_key":156},"OPENSUSE-SU-2024:11127-1",{"_key":158},"SUSE-SU-2019:14171-1",{"_key":160},"SUSE-SU-2019:14174-1",{"_key":162},"SUSE-SU-2019:14249-1",{"_key":164},"SUSE-SU-2019:2397-1",{"_key":166},"SUSE-SU-2019:2403-1",{"_key":168},"SUSE-SU-2019:2410-1",{"_key":170},"SUSE-SU-2019:2413-1",{"_key":172},"SUSE-SU-2019:2504-1",{"_key":174},"SUSE-SU-2019:2558-1",{"_key":176},"SUSE-SU-2019:2561-1",{"_key":178},"SUSE-SU-2020:0099-1",{"_key":180},"OPENSUSE-SU-2019:2158-1",{"_key":182},"OPENSUSE-SU-2019:2189-1",{"_key":184},"OPENSUSE-SU-2019:2269-1",{"_key":186},"OPENSUSE-SU-2024:11126-1",{"_key":188},"DLA-1932-1",{"_key":190},"DSA-4539-1",{"_key":192},"DSA-4540-1",{"_key":194},"MGASA-2019-0354",{"_key":196},"UBUNTU-CVE-2019-1563",{"_key":198},"USN-4376-1",{"_key":200},"USN-4504-1",{"_key":202},"USN-4376-2",{"_key":204},"DEBIAN-CVE-2019-1563",{"_key":206},"RHSA-2020:1337",{"_key":208},"RHSA-2020:1840",[],[211,212,213,214,215,216,217,218,219,220,221,222,223,224,225,226,227,228,229],{"_key":152},{"_key":154},{"_key":156},{"_key":158},{"_key":160},{"_key":162},{"_key":164},{"_key":166},{"_key":168},{"_key":170},{"_key":172},{"_key":174},{"_key":176},{"_key":178},{"_key":180},{"_key":182},{"_key":184},{"_key":186},{"_key":194},"2019-09-10T16:58:35.407Z","2024-09-17T01:11:46.014Z","Modified",{"cisa_kev":234,"cisa_ransomware":234,"cisa_vendor":9,"epss_severity":235,"epss_score":236,"severity":237,"severity_score":238,"severity_version":239,"severity_source":240,"severity_vector":241,"severity_status":232},false,"low",0.01121,"medium",4.3,"v2.0","nvd","AV:N/AC:M/Au:N/C:P/I:N/A:N",[243,250,256,261,265,270,274,278,282,287,291,295,299,304,309,314,318,322,326,331,335,339,343,347,351,355,359,363,367,371],{"url":244,"sources":245,"tags":247},"https://seclists.org/bugtraq/2019/Sep/25",[246,240],"cve.org",[248,249],"Mailing List","X Refsource BUGTRAQ",{"url":251,"sources":252,"tags":253},"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html",[246,240],[254,255],"Vendor Advisory","X Refsource SUSE",{"url":257,"sources":258,"tags":259},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/",[246,240],[254,260],"X Refsource FEDORA",{"url":262,"sources":263,"tags":264},"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00072.html",[246,240],[254,255],{"url":266,"sources":267,"tags":268},"https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html",[246,240],[248,269],"X Refsource MLIST",{"url":271,"sources":272,"tags":273},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/",[246,240],[254,260],{"url":275,"sources":276,"tags":277},"https://seclists.org/bugtraq/2019/Oct/1",[246,240],[248,249],{"url":279,"sources":280,"tags":281},"https://seclists.org/bugtraq/2019/Oct/0",[246,240],[248,249],{"url":283,"sources":284,"tags":285},"https://www.debian.org/security/2019/dsa-4539",[246,240],[254,286],"X Refsource DEBIAN",{"url":288,"sources":289,"tags":290},"https://www.debian.org/security/2019/dsa-4540",[246,240],[254,286],{"url":292,"sources":293,"tags":294},"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00012.html",[246,240],[254,255],{"url":296,"sources":297,"tags":298},"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00016.html",[246,240],[254,255],{"url":300,"sources":301,"tags":302},"https://security.gentoo.org/glsa/201911-04",[246,240],[254,303],"X Refsource GENTOO",{"url":305,"sources":306,"tags":307},"https://usn.ubuntu.com/4376-1/",[246,240],[254,308],"X Refsource UBUNTU",{"url":310,"sources":311,"tags":312},"https://www.oracle.com/security-alerts/cpuapr2020.html",[246,240],[313],"X Refsource MISC",{"url":315,"sources":316,"tags":317},"https://www.oracle.com/security-alerts/cpujul2020.html",[246,240],[313],{"url":319,"sources":320,"tags":321},"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",[246,240],[313],{"url":323,"sources":324,"tags":325},"https://www.oracle.com/security-alerts/cpujan2020.html",[246,240],[313],{"url":327,"sources":328,"tags":329},"https://www.openssl.org/news/secadv/20190910.txt",[246,240],[330,254],"X Refsource CONFIRM",{"url":332,"sources":333,"tags":334},"http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html",[246,240],[313],{"url":336,"sources":337,"tags":338},"https://security.netapp.com/advisory/ntap-20190919-0002/",[246,240],[330],{"url":340,"sources":341,"tags":342},"https://www.tenable.com/security/tns-2019-09",[246,240],[330],{"url":344,"sources":345,"tags":346},"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=08229ad838c50f644d7e928e2eef147b4308ad64",[246,240],[330],{"url":348,"sources":349,"tags":350},"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=631f94db0065c78181ca9ba5546ebc8bb3884b97",[246,240],[330],{"url":352,"sources":353,"tags":354},"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e21f8cf78a125cd3c8c0d1a1a6c8bb0b901f893f",[246,240],[330],{"url":356,"sources":357,"tags":358},"https://support.f5.com/csp/article/K97324400?utm_source=f5support&amp%3Butm_medium=RSS",[246,240],[330],{"url":360,"sources":361,"tags":362},"https://usn.ubuntu.com/4376-2/",[246,240],[254,308],{"url":364,"sources":365,"tags":366},"https://usn.ubuntu.com/4504-1/",[246,240],[254,308],{"url":368,"sources":369,"tags":370},"https://www.oracle.com/security-alerts/cpuoct2020.html",[246,240],[313],{"url":372,"sources":373,"tags":374},"https://kc.mcafee.com/corporate/index?page=content&id=SB10365",[246,240],[330],[],{"date":377,"score":236,"percentile":378},"2026-06-04",0.78583,[380,384,387,390,393,396,399,402,405,408,411,414,417,419,422,426,429,432,436,439,442,445,448,452,455,458,461,464,468,472,474,478,481,484,486,489,492,495,498,501,504,507,510,513,516,519,522,525,528,531,533,536,539,542,546,549,552,554,556,560,563,566,570,573,576,579,582,585,588,591,594,596,599,601,604,607,611,614,616,619,622,625,628,631,633,636,638,641,644,647],{"date":381,"score":382,"percentile":383},"2025-11-04",0.01423,0.79961,{"date":385,"score":382,"percentile":386},"2025-11-05",0.79963,{"date":388,"score":382,"percentile":389},"2025-11-06",0.79966,{"date":391,"score":382,"percentile":392},"2025-11-07",0.79978,{"date":394,"score":382,"percentile":395},"2025-11-08",0.79984,{"date":397,"score":382,"percentile":398},"2025-11-09",0.79981,{"date":400,"score":382,"percentile":401},"2025-11-10",0.79975,{"date":403,"score":382,"percentile":404},"2025-11-11",0.7998,{"date":406,"score":382,"percentile":407},"2025-11-12",0.79993,{"date":409,"score":382,"percentile":410},"2025-11-13",0.79999,{"date":412,"score":382,"percentile":413},"2025-11-14",0.80006,{"date":415,"score":382,"percentile":416},"2025-11-15",0.80005,{"date":418,"score":382,"percentile":416},"2025-11-16",{"date":420,"score":382,"percentile":421},"2025-11-17",0.80004,{"date":423,"score":424,"percentile":425},"2025-11-18",0.02635,0.84391,{"date":427,"score":424,"percentile":428},"2025-11-19",0.84394,{"date":430,"score":424,"percentile":431},"2025-11-20",0.84402,{"date":433,"score":434,"percentile":435},"2025-11-21",0.01921,0.82798,{"date":437,"score":434,"percentile":438},"2025-11-22",0.82799,{"date":440,"score":434,"percentile":441},"2025-11-23",0.82793,{"date":443,"score":434,"percentile":444},"2025-11-24",0.82791,{"date":446,"score":434,"percentile":447},"2025-11-25",0.82794,{"date":449,"score":450,"percentile":451},"2025-11-26",0.01933,0.82844,{"date":453,"score":450,"percentile":454},"2025-11-27",0.82845,{"date":456,"score":450,"percentile":457},"2025-11-28",0.82833,{"date":459,"score":450,"percentile":460},"2025-11-29",0.82838,{"date":462,"score":450,"percentile":463},"2025-11-30",0.82842,{"date":465,"score":466,"percentile":467},"2025-12-01",0.02775,0.85618,{"date":469,"score":470,"percentile":471},"2025-12-02",0.02483,0.84867,{"date":473,"score":470,"percentile":471},"2025-12-03",{"date":475,"score":476,"percentile":477},"2025-12-04",0.01986,0.83044,{"date":479,"score":476,"percentile":480},"2025-12-05",0.8305,{"date":482,"score":476,"percentile":483},"2025-12-06",0.83047,{"date":485,"score":476,"percentile":477},"2025-12-07",{"date":487,"score":476,"percentile":488},"2025-12-08",0.83046,{"date":490,"score":476,"percentile":491},"2025-12-09",0.83061,{"date":493,"score":476,"percentile":494},"2025-12-10",0.83085,{"date":496,"score":476,"percentile":497},"2025-12-11",0.831,{"date":499,"score":476,"percentile":500},"2025-12-12",0.83109,{"date":502,"score":476,"percentile":503},"2025-12-13",0.83107,{"date":505,"score":476,"percentile":506},"2025-12-14",0.83104,{"date":508,"score":450,"percentile":509},"2025-12-15",0.82901,{"date":511,"score":450,"percentile":512},"2025-12-16",0.8291,{"date":514,"score":450,"percentile":515},"2025-12-17",0.82919,{"date":517,"score":450,"percentile":518},"2025-12-18",0.82926,{"date":520,"score":450,"percentile":521},"2025-12-19",0.8293,{"date":523,"score":450,"percentile":524},"2025-12-20",0.82923,{"date":526,"score":450,"percentile":527},"2025-12-21",0.8292,{"date":529,"score":450,"percentile":530},"2025-12-22",0.82924,{"date":532,"score":450,"percentile":521},"2025-12-23",{"date":534,"score":450,"percentile":535},"2025-12-24",0.82938,{"date":537,"score":450,"percentile":538},"2025-12-25",0.82953,{"date":540,"score":450,"percentile":541},"2025-12-26",0.82959,{"date":543,"score":544,"percentile":545},"2025-12-27",0.01645,0.81572,{"date":547,"score":450,"percentile":548},"2025-12-28",0.82945,{"date":550,"score":450,"percentile":551},"2025-12-29",0.82937,{"date":553,"score":450,"percentile":548},"2025-12-30",{"date":555,"score":450,"percentile":541},"2025-12-31",{"date":557,"score":558,"percentile":559},"2026-01-01",0.02417,0.84763,{"date":561,"score":558,"percentile":562},"2026-01-02",0.84761,{"date":564,"score":558,"percentile":565},"2026-01-03",0.84756,{"date":567,"score":568,"percentile":569},"2026-01-04",0.02203,0.83987,{"date":571,"score":568,"percentile":572},"2026-01-05",0.83981,{"date":574,"score":568,"percentile":575},"2026-01-06",0.83988,{"date":577,"score":568,"percentile":578},"2026-01-07",0.83985,{"date":580,"score":568,"percentile":581},"2026-01-08",0.83993,{"date":583,"score":568,"percentile":584},"2026-01-09",0.83995,{"date":586,"score":568,"percentile":587},"2026-01-10",0.8399,{"date":589,"score":568,"percentile":590},"2026-01-11",0.83989,{"date":592,"score":568,"percentile":593},"2026-01-12",0.83984,{"date":595,"score":568,"percentile":572},"2026-01-13",{"date":597,"score":568,"percentile":598},"2026-01-14",0.84,{"date":600,"score":568,"percentile":598},"2026-01-15",{"date":602,"score":568,"percentile":603},"2026-01-16",0.84009,{"date":605,"score":568,"percentile":606},"2026-01-17",0.84013,{"date":608,"score":609,"percentile":610},"2026-01-18",0.01633,0.81479,{"date":612,"score":609,"percentile":613},"2026-01-19",0.81473,{"date":615,"score":609,"percentile":613},"2026-01-20",{"date":617,"score":609,"percentile":618},"2026-01-21",0.8148,{"date":620,"score":609,"percentile":621},"2026-01-22",0.81489,{"date":623,"score":609,"percentile":624},"2026-01-23",0.81513,{"date":626,"score":609,"percentile":627},"2026-01-24",0.8152,{"date":629,"score":609,"percentile":630},"2026-01-25",0.81516,{"date":632,"score":609,"percentile":630},"2026-01-26",{"date":634,"score":609,"percentile":635},"2026-01-27",0.81514,{"date":637,"score":609,"percentile":624},"2026-01-28",{"date":639,"score":609,"percentile":640},"2026-01-29",0.8151,{"date":642,"score":609,"percentile":643},"2026-01-30",0.81511,{"date":645,"score":609,"percentile":646},"2026-01-31",0.81515,{"date":648,"score":649,"percentile":650},"2026-02-01",0.02752,0.85696,[652],{"source":240,"cvss_v2_0":653,"cvss_v3_0":9,"cvss_v3_1":656,"cvss_v4_0":9},{"baseScore":238,"baseSeverity":9,"vectorString":241,"impactScore":654,"exploitabilityScore":655},2.9,8.6,{"baseScore":657,"baseSeverity":658,"vectorString":659,"impactScore":660,"exploitabilityScore":661},3.7,"LOW","CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",2.3,5.6,[663],{"ecosystem":9,"name":664,"vendor":9,"product":664,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":665},"OpenSSL",[666,673,677,681,683,685],{"version":667,"is_range":668,"range_type":669,"version_start":670,"version_start_type":671,"version_end":672,"version_end_type":671,"fixed_in":9},"gte1.0.2_lte1.0.2s",true,"cpe","1.0.2","including","1.0.2s",{"version":674,"is_range":668,"range_type":669,"version_start":675,"version_start_type":671,"version_end":676,"version_end_type":671,"fixed_in":9},"gte1.1.0_lte1.1.0k","1.1.0","1.1.0k",{"version":678,"is_range":668,"range_type":669,"version_start":679,"version_start_type":671,"version_end":680,"version_end_type":671,"fixed_in":9},"gte1.1.1_lte1.1.1c","1.1.1","1.1.1c",{"version":682,"is_range":234,"range_type":246,"version_start":682,"version_start_type":671,"version_end":682,"version_end_type":671,"fixed_in":9},"Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c)",{"version":684,"is_range":234,"range_type":246,"version_start":684,"version_start_type":671,"version_end":684,"version_end_type":671,"fixed_in":9},"Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k)",{"version":686,"is_range":234,"range_type":246,"version_start":686,"version_start_type":671,"version_end":686,"version_end_type":671,"fixed_in":9},"Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s)"]