{"id":63087,"date":"2023-07-07T16:02:52","date_gmt":"2023-07-07T23:02:52","guid":{"rendered":"https:\/\/www.rambus.com\/?page_id=63087"},"modified":"2023-07-10T07:58:40","modified_gmt":"2023-07-10T14:58:40","slug":"rmbs-2023-03","status":"publish","type":"page","link":"https:\/\/www.rambus.com\/security\/response-center\/advisories\/rmbs-2023-03\/","title":{"rendered":"Remote denial of service vulnerability in MatrixSSL (TLS Toolkit)"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-page\" data-elementor-id=\"63087\" class=\"elementor elementor-63087\" data-elementor-post-type=\"page\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-574c8c1 elementor-section-stretched elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"574c8c1\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;stretch_section&quot;:&quot;section-stretched&quot;,&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-841b834\" data-id=\"841b834\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-cf40543 elementor-widget elementor-widget-breadcrumbs\" data-id=\"cf40543\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"breadcrumbs.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<p id=\"breadcrumbs\"><span><span><a href=\"https:\/\/www.rambus.com\/\">Home<\/a><\/span><\/span><\/p>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-f1969e0 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"f1969e0\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7455901\" data-id=\"7455901\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-7dbcc7f elementor-widget elementor-widget-text-editor\" data-id=\"7dbcc7f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<table><tbody><tr><td width=\"30%\"><strong>Title<\/strong><\/td><td>Remote denial of service vulnerability<br \/>in MatrixSSL (TLS Toolkit)<\/td><\/tr><tr><td><strong>Rambus Tracking ID<\/strong><\/td><td>RMBS-2023-03<\/td><\/tr><tr><td><strong>CVE (if applicable)<\/strong><\/td><td>\u00a0<\/td><\/tr><tr><td><strong>Publication Date<br \/>(YYYY-MM-DD)<\/strong><\/td><td>2023-06-01<\/td><\/tr><\/tbody><\/table><p><strong>Background<\/strong><\/p><p>A security vulnerability has been identified in the Rambus TLS Toolkit software and its open-source version, MatrixSSL (TLS Toolkit) (formerly from Inside Secure). A release which remediates the vulnerability is available and has been distributed to existing customers that are affected.<strong>\u00a0<\/strong><\/p><p><strong>Vulnerability Description<\/strong><\/p><p>The vulnerability is located in the TLSv1.3 pre-shared-key extension parsing of the TLS-Client-Hello message. The function tls13VerifyBinder() executes the following function:<\/p><p>\/\/prototype<br \/>int32_t tls13TranscriptHashUpdate(ssl_t *ssl,<br \/>\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0const unsigned char *in,<br \/>\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0psSize_t len)<\/p><p>\/\/execution<br \/>tls13TranscriptHashUpdate(ssl,<br \/>\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0ssl-&gt;sec.tls13CHStart,<br \/>\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0ssl-&gt;sec.tls13CHLen &#8211; ssl-&gt;sec.tls13BindersLen);<\/p><p>The input parameter of the execution contains the subtraction:<br \/>ssl-&gt;sec.tls13CHLen -ssl-&gt;sec.tls13BindersLen.<br \/>At this point, a short integer (psSize_t len) wrap around can happen, because the datatype psSize_t is unsigned short integer and there is no length check to avoid it. In worst case, the variable len gets the value 65535 and the attacked device will calculate a hash like SHA-2 over at least 65 kilobytes RAM data.<\/p><p><strong>Severity Level<\/strong><br \/>This is considered a High severity bug.<\/p><p><strong>Impact<\/strong><br \/>The vulnerability allows an attacker to execute a hash (e.g. SHA-2) over at least 65 kilobytes RAM<\/p><p>data per TLS-Client-Hello message. With a large number of messages, the CPU is heavily loaded and can lead to a DoS attack.<\/p><p><strong>Affected Products<\/strong><\/p><table><thead><tr><td width=\"245\"><strong>Product Name<\/strong><\/td><td width=\"378\"><strong>Version(s)<\/strong><\/td><\/tr><\/thead><tbody><tr><td width=\"245\">MatrixSSL (TLS Toolkit)<\/td><td width=\"378\">4.0.0, 4.0.1, 4.0.2, 4.1.0, 4.2.0, 4.2.1, 4.2.2, 4.3.0, 4.4.0, 4.5.0, 4.5.1, 4.5.2, 4.5.3, 4.6.0 (if TLS1.3 is enabled)<\/td><\/tr><tr><td width=\"245\">SafeZone FIPS140-2 Complete<\/td><td width=\"378\"><p>10.5.0, 10.5.1, 10.5.2, 10.5.3, 10.6.0<\/p><p>if MatrixSSL is used and TLS1.3 is enabled<\/p><\/td><\/tr><tr><td width=\"245\">SafeZone FIPS140-3 Complete<\/td><td width=\"378\"><p>10.5.0, 10.5.1, 10.5.2, 10.5.3, 10.6.0<\/p><p>if MatrixSSL is used and TLS1.3 is enabled<\/p><\/td><\/tr><tr><td width=\"245\">SafeZone FIPS SW Toolkit<\/td><td width=\"378\">10.3.0, 10.4.0<br \/>if MatrixSSL is used and TLS1.3 is enabled<\/td><\/tr><tr><td width=\"245\">Inside Secure FIPS SW Toolkit<\/td><td width=\"378\"><p>10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1 10.2.2<\/p><p>if MatrixSSL is used and TLS1.3 is enabled<\/p><\/td><\/tr><tr><td width=\"245\">SafeZone FIPS SW Toolkit FIPS_140-3_rc3<\/td><td width=\"378\">10.4.x if MatrixSSL is used and TLS1.3 is enabled<\/td><\/tr><tr><td width=\"245\">TLS FIPS Toolkit<\/td><td width=\"378\">4.3.0, 4.4.0, 4.5.0, 4.5.1, 4.5.2, 4.5.3, 4.6.0 (if TLS1.3 is enabled)<\/td><\/tr><\/tbody><\/table><p><strong>\u00a0<\/strong><\/p><p><strong>Unaffected Products<\/strong><\/p><table><tbody><tr><td width=\"245\"><strong>Product Name<\/strong><\/td><td width=\"378\"><strong>Version(s)<\/strong><\/td><\/tr><tr><td width=\"245\">MatrixSSL (TLS Toolkit)<\/td><td width=\"378\">3.x and before<\/td><\/tr><tr><td width=\"245\">SafeZone FIPS SW Toolkit<\/td><td width=\"378\">9.x and before<\/td><\/tr><\/tbody><\/table><p><strong>\u00a0<\/strong><\/p><p><strong>Remediation<\/strong><br \/>Rambus has developed patched versions of MatrixSSL (TLS Toolkit) that addresses the vulnerability. The fix checks if there would be a wraparound and, in that case, returns alert 50 (decode error).<\/p><p><strong>Action Taken<\/strong><br \/>Rambus is planning an update that fixes security issues in the open source MatrixSSL version but as this is a high severity issue, we will pre-notify TLS Toolkit customers directly and provide a patch or new release before publishing the MatrixSSL update.<\/p><p>An updated package \u2013 version 4.7.0 \u2013 will be released to GitHub on 2023-07-04. (<a href=\"https:\/\/github.com\/matrixssl\/matrixssl\">https:\/\/github.com\/matrixssl\/matrixssl<\/a>)<\/p><p>No further information about the issues will be provided.<\/p><p><strong>Acknowledgement<\/strong><br \/>The vulnerability was found by Robert H\u00f6rr and Alissar Ibrahim, Security Evaluators of the Telekom Security Evaluation Facility.<\/p><p>For any inquiries, please <a href=\"https:\/\/www.rambus.com\/contact\/\">contact<\/a> Rambus.<\/p><p><strong>Revision History<\/strong><\/p><table><tbody><tr><td width=\"85\"><strong>Version<\/strong><\/td><td width=\"240\"><strong>Description<\/strong><\/td><td width=\"156\"><strong>Status<\/strong><\/td><td width=\"143\"><strong>Date (YYYY-MM-DD)<\/strong><\/td><\/tr><tr><td width=\"85\">1.2<\/td><td width=\"240\">Initial Public Release<\/td><td width=\"156\">Final<\/td><td width=\"143\">2023-06-01<\/td><\/tr><\/tbody><\/table><p>\u00a0<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Title Remote denial of service vulnerabilityin MatrixSSL (TLS Toolkit) Rambus Tracking ID RMBS-2023-03 CVE (if applicable) \u00a0 Publication Date(YYYY-MM-DD) 2023-06-01 Background A security vulnerability has been identified in the Rambus TLS Toolkit software and its open-source version, MatrixSSL (TLS Toolkit) (formerly from Inside Secure). A release which remediates the vulnerability is available and has been [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":0,"parent":62164,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"template-full.php","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":"","_links_to":"","_links_to_target":""},"tags":[],"class_list":{"0":"post-63087","1":"page","2":"type-page","3":"status-publish","5":"entry"},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.9 (Yoast SEO v26.9) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Remote denial of service vulnerability in MatrixSSL (TLS Toolkit) - Rambus<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.rambus.com\/security\/response-center\/advisories\/rmbs-2023-03\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Remote denial of service vulnerability in MatrixSSL (TLS Toolkit)\" \/>\n<meta property=\"og:description\" content=\"TitleRemote denial of service vulnerabilityin MatrixSSL (TLS Toolkit)Rambus Tracking IDRMBS-2023-03CVE (if applicable)\u00a0Publication\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.rambus.com\/security\/response-center\/advisories\/rmbs-2023-03\/\" \/>\n<meta property=\"og:site_name\" content=\"Rambus\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/RambusInc\" \/>\n<meta property=\"article:modified_time\" content=\"2023-07-10T14:58:40+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@rambusinc\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.rambus.com\/security\/response-center\/advisories\/rmbs-2023-03\/\",\"url\":\"https:\/\/www.rambus.com\/security\/response-center\/advisories\/rmbs-2023-03\/\",\"name\":\"Remote denial of service vulnerability in MatrixSSL (TLS Toolkit) - Rambus\",\"isPartOf\":{\"@id\":\"https:\/\/www.rambus.com\/#website\"},\"datePublished\":\"2023-07-07T23:02:52+00:00\",\"dateModified\":\"2023-07-10T14:58:40+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.rambus.com\/security\/response-center\/advisories\/rmbs-2023-03\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.rambus.com\/security\/response-center\/advisories\/rmbs-2023-03\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.rambus.com\/security\/response-center\/advisories\/rmbs-2023-03\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.rambus.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security IP\",\"item\":\"https:\/\/www.rambus.com\/security\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Security Response Center\",\"item\":\"https:\/\/www.rambus.com\/security\/response-center\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Security Advisories\",\"item\":\"https:\/\/www.rambus.com\/security\/response-center\/advisories\/\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"Remote denial of service vulnerability in MatrixSSL (TLS Toolkit)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.rambus.com\/#website\",\"url\":\"https:\/\/www.rambus.com\/\",\"name\":\"Rambus\",\"description\":\"At Rambus, we create cutting-edge semiconductor and IP products, providing industry-leading chips and silicon IP to make data faster and safer.\",\"publisher\":{\"@id\":\"https:\/\/www.rambus.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.rambus.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.rambus.com\/#organization\",\"name\":\"Rambus\",\"url\":\"https:\/\/www.rambus.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.rambus.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.rambus.com\/wp-content\/uploads\/2025\/09\/Rambus_Logo.png\",\"contentUrl\":\"https:\/\/www.rambus.com\/wp-content\/uploads\/2025\/09\/Rambus_Logo.png\",\"width\":200,\"height\":62,\"caption\":\"Rambus\"},\"image\":{\"@id\":\"https:\/\/www.rambus.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/RambusInc\",\"https:\/\/x.com\/rambusinc\",\"https:\/\/www.linkedin.com\/company\/rambus\",\"https:\/\/www.youtube.com\/user\/RambusWeb\"],\"description\":\"Rambus is a provider of industry-leading chips and silicon IP.\",\"email\":\"ebiz@rambus.com\",\"telephone\":\"+1-408-462-8000\",\"legalName\":\"Rambus Inc.\",\"numberOfEmployees\":{\"@type\":\"QuantitativeValue\",\"minValue\":\"501\",\"maxValue\":\"1000\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Remote denial of service vulnerability in MatrixSSL (TLS Toolkit) - Rambus","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.rambus.com\/security\/response-center\/advisories\/rmbs-2023-03\/","og_locale":"en_US","og_type":"article","og_title":"Remote denial of service vulnerability in MatrixSSL (TLS Toolkit)","og_description":"TitleRemote denial of service vulnerabilityin MatrixSSL (TLS Toolkit)Rambus Tracking IDRMBS-2023-03CVE (if applicable)\u00a0Publication","og_url":"https:\/\/www.rambus.com\/security\/response-center\/advisories\/rmbs-2023-03\/","og_site_name":"Rambus","article_publisher":"https:\/\/www.facebook.com\/RambusInc","article_modified_time":"2023-07-10T14:58:40+00:00","twitter_card":"summary_large_image","twitter_site":"@rambusinc","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.rambus.com\/security\/response-center\/advisories\/rmbs-2023-03\/","url":"https:\/\/www.rambus.com\/security\/response-center\/advisories\/rmbs-2023-03\/","name":"Remote denial of service vulnerability in MatrixSSL (TLS Toolkit) - Rambus","isPartOf":{"@id":"https:\/\/www.rambus.com\/#website"},"datePublished":"2023-07-07T23:02:52+00:00","dateModified":"2023-07-10T14:58:40+00:00","breadcrumb":{"@id":"https:\/\/www.rambus.com\/security\/response-center\/advisories\/rmbs-2023-03\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.rambus.com\/security\/response-center\/advisories\/rmbs-2023-03\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.rambus.com\/security\/response-center\/advisories\/rmbs-2023-03\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.rambus.com\/"},{"@type":"ListItem","position":2,"name":"Security IP","item":"https:\/\/www.rambus.com\/security\/"},{"@type":"ListItem","position":3,"name":"Security Response Center","item":"https:\/\/www.rambus.com\/security\/response-center\/"},{"@type":"ListItem","position":4,"name":"Security Advisories","item":"https:\/\/www.rambus.com\/security\/response-center\/advisories\/"},{"@type":"ListItem","position":5,"name":"Remote denial of service vulnerability in MatrixSSL (TLS Toolkit)"}]},{"@type":"WebSite","@id":"https:\/\/www.rambus.com\/#website","url":"https:\/\/www.rambus.com\/","name":"Rambus","description":"At Rambus, we create cutting-edge semiconductor and IP products, providing industry-leading chips and silicon IP to make data faster and safer.","publisher":{"@id":"https:\/\/www.rambus.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.rambus.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.rambus.com\/#organization","name":"Rambus","url":"https:\/\/www.rambus.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.rambus.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.rambus.com\/wp-content\/uploads\/2025\/09\/Rambus_Logo.png","contentUrl":"https:\/\/www.rambus.com\/wp-content\/uploads\/2025\/09\/Rambus_Logo.png","width":200,"height":62,"caption":"Rambus"},"image":{"@id":"https:\/\/www.rambus.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/RambusInc","https:\/\/x.com\/rambusinc","https:\/\/www.linkedin.com\/company\/rambus","https:\/\/www.youtube.com\/user\/RambusWeb"],"description":"Rambus is a provider of industry-leading chips and silicon IP.","email":"ebiz@rambus.com","telephone":"+1-408-462-8000","legalName":"Rambus Inc.","numberOfEmployees":{"@type":"QuantitativeValue","minValue":"501","maxValue":"1000"}}]}},"_links":{"self":[{"href":"https:\/\/www.rambus.com\/wp-json\/wp\/v2\/pages\/63087","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.rambus.com\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.rambus.com\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.rambus.com\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.rambus.com\/wp-json\/wp\/v2\/comments?post=63087"}],"version-history":[{"count":0,"href":"https:\/\/www.rambus.com\/wp-json\/wp\/v2\/pages\/63087\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/www.rambus.com\/wp-json\/wp\/v2\/pages\/62164"}],"wp:attachment":[{"href":"https:\/\/www.rambus.com\/wp-json\/wp\/v2\/media?parent=63087"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.rambus.com\/wp-json\/wp\/v2\/tags?post=63087"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}