[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-0727":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":27,"aliases":28,"duplicate_of":9,"upstream":30,"downstream":31,"duplicates":90,"related":91,"reserved_at":9,"published_at":123,"modified_at":124,"state":125,"summary":126,"references_raw":135,"kevs":227,"epss":228,"epss_history":231,"metrics":508,"affected":518},"CVE-2024-0727","Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL\nto crash leading to a potential Denial of Service attack\n\nImpact summary: Applications loading files in the PKCS12 format from untrusted\nsources might terminate abruptly.\n\nA file in PKCS12 format can contain certificates and keys and may come from an\nuntrusted source. The PKCS12 specification allows certain fields to be NULL, but\nOpenSSL does not correctly check for this case. This can lead to a NULL pointer\ndereference that results in OpenSSL crashing. If an application processes PKCS12\nfiles from an untrusted source using the OpenSSL APIs then that application will\nbe vulnerable to this issue.\n\nOpenSSL APIs that are vulnerable to this are: PKCS12_parse(),\nPKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes()\nand PKCS12_newpass().\n\nWe have also fixed a similar issue in SMIME_write_PKCS7(). However since this\nfunction is related to writing data we do not consider it security significant.\n\nThe FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.",null,[11,20],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-476","NULL Pointer Dereference","The product dereferences a pointer that it expects to be valid but is NULL.","weakness","Stable","Base","Medium",[],{"_key":21,"id":21,"name":22,"description":23,"type":24,"status":25,"abstraction":9,"likelihood_of_exploit":9,"capec":26},"NVD-CWE-NOINFO","Insufficient Information","NVD uses this CWE ID when there is insufficient information to assign a specific CWE.","placeholder","NVD-Reserved",[],[],[29],"GHSA-9v9h-cgj8-h64p",[],[32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88],{"_key":33},"ALPINE-CVE-2024-0727",{"_key":35},"SUSE-SU-2024:0813-1",{"_key":37},"SUSE-SU-2024:0840-1",{"_key":39},"SUSE-SU-2024:0814-1",{"_key":41},"SUSE-SU-2024:0832-1",{"_key":43},"SUSE-SU-2024:0841-1",{"_key":45},"SUSE-SU-2024:0842-1",{"_key":47},"SUSE-SU-2024:0518-1",{"_key":49},"SUSE-SU-2024:0549-1",{"_key":51},"SUSE-SU-2024:0815-1",{"_key":53},"SUSE-SU-2024:0831-1",{"_key":55},"SUSE-SU-2024:0833-1",{"_key":57},"OPENSUSE-SU-2024:13656-1",{"_key":59},"OPENSUSE-SU-2024:13662-1",{"_key":61},"OPENSUSE-SU-2024:13663-1",{"_key":63},"DLA-3942-1",{"_key":65},"DLA-3942-2",{"_key":67},"MGASA-2024-0020",{"_key":69},"MGASA-2024-0036",{"_key":71},"MGASA-2024-0281",{"_key":73},"UBUNTU-CVE-2024-0727",{"_key":75},"USN-6622-1",{"_key":77},"USN-6709-1",{"_key":79},"USN-7018-1",{"_key":81},"DEBIAN-CVE-2024-0727",{"_key":83},"USN-6632-1",{"_key":85},"USN-7894-1",{"_key":87},"RHSA-2024:2447",{"_key":89},"RHSA-2024:9088",[],[92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,111,113,115,117,119,121],{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":67},{"_key":69},{"_key":71},{"_key":110},"CGA-4Q7F-4R4P-28J4",{"_key":112},"CGA-6J8P-HQ67-5XVP",{"_key":114},"CGA-82M6-4HXR-W67M",{"_key":116},"CGA-M4WP-P4QQ-W882",{"_key":118},"CGA-V6GJ-WW59-2G5W",{"_key":120},"CGA-XJVX-5HVH-GX2X",{"_key":122},"CGA-92VG-CVC9-FCWM","2024-01-26T08:57:19.579Z","2026-05-12T11:26:05.375Z","Modified",{"cisa_kev":127,"cisa_ransomware":127,"cisa_vendor":9,"epss_severity":128,"epss_score":129,"severity":130,"severity_score":131,"severity_version":132,"severity_source":133,"severity_vector":134,"severity_status":125},false,"low",0.00208,"medium",5.5,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",[136,144,149,153,157,161,165,170,174,178,182,187,191,195,199,203,207,211,215,219,223],{"url":137,"sources":138,"tags":141},"https://www.openssl.org/news/secadv/20240125.txt",[133,139,140],"nvd","osv_pypi",[142,143],"Vendor Advisory","WEB",{"url":145,"sources":146,"tags":147},"https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a",[133,139,140],[148,143],"Patch",{"url":150,"sources":151,"tags":152},"https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c",[133,139,140],[148,143],{"url":154,"sources":155,"tags":156},"https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2",[133,139,140],[148,143],{"url":158,"sources":159,"tags":160},"https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8",[133,139,140],[148,143],{"url":162,"sources":163,"tags":164},"https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539",[133,139,140],[148,143],{"url":166,"sources":167,"tags":168},"https://security.netapp.com/advisory/ntap-20240208-0006/",[133,139],[169],"X Transferred",{"url":171,"sources":172,"tags":173},"http://www.openwall.com/lists/oss-security/2024/03/11/1",[133,139,140],[169,143],{"url":175,"sources":176,"tags":177},"https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html",[133,139,140],[143],{"url":179,"sources":180,"tags":181},"https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html",[133,139,140],[143],{"url":183,"sources":184,"tags":185},"https://nvd.nist.gov/vuln/detail/CVE-2024-0727",[140],[186],"Advisory",{"url":188,"sources":189,"tags":190},"https://github.com/github/advisory-database/pull/3472",[140],[143],{"url":192,"sources":193,"tags":194},"https://github.com/openssl/openssl/pull/23362",[140],[143],{"url":196,"sources":197,"tags":198},"https://github.com/alexcrichton/openssl-src-rs/commit/add20f73b6b42be7451af2e1044d4e0e778992b2",[140],[143],{"url":200,"sources":201,"tags":202},"https://github.com/pyca/cryptography/commit/3519591d255d4506fbcd0d04037d45271903c64d",[140],[143],{"url":204,"sources":205,"tags":206},"https://security.netapp.com/advisory/ntap-20240208-0006",[140],[143],{"url":208,"sources":209,"tags":210},"https://cert-portal.siemens.com/productcert/html/ssa-265688.html",[133,139,140],[143],{"url":212,"sources":213,"tags":214},"https://cert-portal.siemens.com/productcert/html/ssa-331112.html",[133,139,140],[143],{"url":216,"sources":217,"tags":218},"https://cert-portal.siemens.com/productcert/html/ssa-915275.html",[133,139,140],[143],{"url":220,"sources":221,"tags":222},"https://cert-portal.siemens.com/productcert/html/ssa-769027.html",[133,139,140],[143],{"url":224,"sources":225,"tags":226},"https://cert-portal.siemens.com/productcert/html/ssa-277137.html",[133,139,140],[143],[],{"date":229,"score":129,"percentile":230},"2026-06-04",0.43185,[232,236,239,242,245,248,251,254,257,260,263,266,269,272,274,278,281,284,287,290,293,296,299,302,304,307,310,313,317,320,323,327,330,333,336,339,342,345,348,351,354,358,361,364,368,371,374,377,380,383,386,389,392,395,399,402,405,408,411,415,418,421,424,427,430,432,435,438,440,443,446,449,452,456,459,462,465,468,472,475,478,481,484,487,490,493,495,498,501,504],{"date":233,"score":234,"percentile":235},"2025-11-04",0.00213,0.4385,{"date":237,"score":234,"percentile":238},"2025-11-05",0.43847,{"date":240,"score":234,"percentile":241},"2025-11-06",0.43857,{"date":243,"score":234,"percentile":244},"2025-11-07",0.43884,{"date":246,"score":234,"percentile":247},"2025-11-08",0.43883,{"date":249,"score":234,"percentile":250},"2025-11-09",0.43861,{"date":252,"score":234,"percentile":253},"2025-11-10",0.43819,{"date":255,"score":234,"percentile":256},"2025-11-11",0.43837,{"date":258,"score":234,"percentile":259},"2025-11-12",0.43873,{"date":261,"score":234,"percentile":262},"2025-11-13",0.43886,{"date":264,"score":234,"percentile":265},"2025-11-14",0.43898,{"date":267,"score":234,"percentile":268},"2025-11-15",0.43892,{"date":270,"score":234,"percentile":271},"2025-11-16",0.43876,{"date":273,"score":234,"percentile":235},"2025-11-17",{"date":275,"score":276,"percentile":277},"2025-11-18",0.01379,0.78615,{"date":279,"score":276,"percentile":280},"2025-11-19",0.78624,{"date":282,"score":276,"percentile":283},"2025-11-20",0.78631,{"date":285,"score":234,"percentile":286},"2025-11-21",0.43835,{"date":288,"score":234,"percentile":289},"2025-11-22",0.43832,{"date":291,"score":234,"percentile":292},"2025-11-23",0.4381,{"date":294,"score":234,"percentile":295},"2025-11-24",0.43803,{"date":297,"score":234,"percentile":298},"2025-11-25",0.43814,{"date":300,"score":234,"percentile":301},"2025-11-26",0.43812,{"date":303,"score":234,"percentile":253},"2025-11-27",{"date":305,"score":234,"percentile":306},"2025-11-28",0.43788,{"date":308,"score":234,"percentile":309},"2025-11-29",0.43768,{"date":311,"score":234,"percentile":312},"2025-11-30",0.43748,{"date":314,"score":315,"percentile":316},"2025-12-01",0.00137,0.34247,{"date":318,"score":315,"percentile":319},"2025-12-02",0.34261,{"date":321,"score":315,"percentile":322},"2025-12-03",0.34259,{"date":324,"score":325,"percentile":326},"2025-12-04",0.00219,0.44365,{"date":328,"score":325,"percentile":329},"2025-12-05",0.4439,{"date":331,"score":325,"percentile":332},"2025-12-06",0.44385,{"date":334,"score":325,"percentile":335},"2025-12-07",0.44368,{"date":337,"score":325,"percentile":338},"2025-12-08",0.44376,{"date":340,"score":325,"percentile":341},"2025-12-09",0.44412,{"date":343,"score":325,"percentile":344},"2025-12-10",0.4448,{"date":346,"score":325,"percentile":347},"2025-12-11",0.44507,{"date":349,"score":325,"percentile":350},"2025-12-12",0.44535,{"date":352,"score":325,"percentile":353},"2025-12-13",0.44514,{"date":355,"score":356,"percentile":357},"2025-12-14",0.00201,0.42374,{"date":359,"score":356,"percentile":360},"2025-12-15",0.4236,{"date":362,"score":356,"percentile":363},"2025-12-16",0.42389,{"date":365,"score":366,"percentile":367},"2025-12-17",0.00196,0.4182,{"date":369,"score":356,"percentile":370},"2025-12-18",0.42472,{"date":372,"score":356,"percentile":373},"2025-12-19",0.42488,{"date":375,"score":366,"percentile":376},"2025-12-20",0.4185,{"date":378,"score":366,"percentile":379},"2025-12-21",0.41809,{"date":381,"score":366,"percentile":382},"2025-12-22",0.41783,{"date":384,"score":366,"percentile":385},"2025-12-23",0.41786,{"date":387,"score":366,"percentile":388},"2025-12-24",0.41803,{"date":390,"score":366,"percentile":391},"2025-12-25",0.41852,{"date":393,"score":366,"percentile":394},"2025-12-26",0.41833,{"date":396,"score":397,"percentile":398},"2025-12-27",0.00314,0.54215,{"date":400,"score":366,"percentile":401},"2025-12-28",0.41763,{"date":403,"score":366,"percentile":404},"2025-12-29",0.41746,{"date":406,"score":366,"percentile":407},"2025-12-30",0.41736,{"date":409,"score":366,"percentile":410},"2025-12-31",0.41782,{"date":412,"score":413,"percentile":414},"2026-01-01",0.00126,0.32804,{"date":416,"score":413,"percentile":417},"2026-01-02",0.32792,{"date":419,"score":413,"percentile":420},"2026-01-03",0.32779,{"date":422,"score":366,"percentile":423},"2026-01-04",0.41722,{"date":425,"score":366,"percentile":426},"2026-01-05",0.41699,{"date":428,"score":366,"percentile":429},"2026-01-06",0.417,{"date":431,"score":366,"percentile":423},"2026-01-07",{"date":433,"score":366,"percentile":434},"2026-01-08",0.41749,{"date":436,"score":366,"percentile":437},"2026-01-09",0.41729,{"date":439,"score":366,"percentile":437},"2026-01-10",{"date":441,"score":366,"percentile":442},"2026-01-11",0.41698,{"date":444,"score":366,"percentile":445},"2026-01-12",0.4165,{"date":447,"score":366,"percentile":448},"2026-01-13",0.41628,{"date":450,"score":366,"percentile":451},"2026-01-14",0.41677,{"date":453,"score":454,"percentile":455},"2026-01-15",0.00174,0.39132,{"date":457,"score":454,"percentile":458},"2026-01-16",0.39153,{"date":460,"score":454,"percentile":461},"2026-01-17",0.39124,{"date":463,"score":454,"percentile":464},"2026-01-18",0.39075,{"date":466,"score":454,"percentile":467},"2026-01-19",0.39047,{"date":469,"score":470,"percentile":471},"2026-01-20",0.00189,0.40827,{"date":473,"score":470,"percentile":474},"2026-01-21",0.40828,{"date":476,"score":470,"percentile":477},"2026-01-22",0.40819,{"date":479,"score":470,"percentile":480},"2026-01-23",0.40878,{"date":482,"score":470,"percentile":483},"2026-01-24",0.40887,{"date":485,"score":470,"percentile":486},"2026-01-25",0.40838,{"date":488,"score":470,"percentile":489},"2026-01-26",0.40796,{"date":491,"score":470,"percentile":492},"2026-01-27",0.40797,{"date":494,"score":470,"percentile":489},"2026-01-28",{"date":496,"score":470,"percentile":497},"2026-01-29",0.40778,{"date":499,"score":470,"percentile":500},"2026-01-30",0.40784,{"date":502,"score":470,"percentile":503},"2026-01-31",0.40794,{"date":505,"score":506,"percentile":507},"2026-02-01",0.00122,0.3175,[509,514,516],{"source":133,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":510,"cvss_v4_0":9},{"baseScore":131,"baseSeverity":511,"vectorString":134,"impactScore":512,"exploitabilityScore":513},"MEDIUM",6,4.6,{"source":139,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":515,"cvss_v4_0":9},{"baseScore":131,"baseSeverity":511,"vectorString":134,"impactScore":512,"exploitabilityScore":513},{"source":140,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":517,"cvss_v4_0":9},{"baseScore":131,"baseSeverity":9,"vectorString":134,"impactScore":512,"exploitabilityScore":513},[519,547],{"ecosystem":9,"name":520,"vendor":9,"product":520,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":521},"OpenSSL",[522,529,534,538,542,546],{"version":523,"is_range":524,"range_type":133,"version_start":525,"version_start_type":526,"version_end":527,"version_end_type":528,"fixed_in":9},">= 3.2.0, \u003C 3.2.1",true,"3.2.0","including","3.2.1","excluding",{"version":530,"is_range":524,"range_type":531,"version_start":532,"version_start_type":526,"version_end":533,"version_end_type":528,"fixed_in":9},"gte1.0.2_lt1.0.2zj","cpe","1.0.2","1.0.2zj",{"version":535,"is_range":524,"range_type":531,"version_start":536,"version_start_type":526,"version_end":537,"version_end_type":528,"fixed_in":9},"gte1.1.1_lt1.1.1x","1.1.1","1.1.1x",{"version":539,"is_range":524,"range_type":531,"version_start":540,"version_start_type":526,"version_end":541,"version_end_type":528,"fixed_in":9},"gte3.0.0_lt3.0.13","3.0.0","3.0.13",{"version":543,"is_range":524,"range_type":531,"version_start":544,"version_start_type":526,"version_end":545,"version_end_type":528,"fixed_in":9},"gte3.1.0_lt3.1.5","3.1.0","3.1.5",{"version":525,"is_range":127,"range_type":531,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":548,"name":549,"vendor":548,"product":549,"cpe_part":9,"purl_type":550,"purl_namespace":9,"purl_name":549,"source":9,"versions":551},"PyPI","cryptography","pypi",[552],{"version":553,"is_range":524,"range_type":554,"version_start":9,"version_start_type":9,"version_end":555,"version_end_type":528,"fixed_in":9},"lt42_0_2","ecosystem","42.0.2"]