Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/10171?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/10171?format=api", "purl": "pkg:alpm/archlinux/lib32-libcurl-gnutls@7.63.0-2", "type": "alpm", "namespace": "archlinux", "name": "lib32-libcurl-gnutls", "version": "7.63.0-2", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "7.64.0-1", "latest_non_vulnerable_version": "8.4.0-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5025?format=api", "vulnerability_id": "VCID-dwdw-7qrb-wyhm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16890.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16890.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16890", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.79411", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.79346", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.79421", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.79426", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16890" }, { "reference_url": "https://curl.se/docs/CVE-2018-16890.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-16890.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/106947", "reference_id": "106947", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "http://www.securityfocus.com/bid/106947" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670252", "reference_id": "1670252", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670252" }, { "reference_url": "https://usn.ubuntu.com/3882-1/", "reference_id": "3882-1", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://usn.ubuntu.com/3882-1/" }, { "reference_url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_id": "8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E" }, { "reference_url": "https://security.archlinux.org/ASA-201902-10", "reference_id": "ASA-201902-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-10" }, { "reference_url": "https://security.archlinux.org/ASA-201902-11", "reference_id": "ASA-201902-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-11" }, { "reference_url": "https://security.archlinux.org/ASA-201902-12", "reference_id": "ASA-201902-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-12" }, { "reference_url": "https://security.archlinux.org/ASA-201902-13", "reference_id": "ASA-201902-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-13" }, { "reference_url": "https://security.archlinux.org/ASA-201902-9", "reference_id": "ASA-201902-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-9" }, { "reference_url": "https://security.archlinux.org/AVG-873", "reference_id": "AVG-873", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-873" }, { "reference_url": "https://security.archlinux.org/AVG-874", "reference_id": "AVG-874", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-874" }, { "reference_url": "https://security.archlinux.org/AVG-875", "reference_id": "AVG-875", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-875" }, { "reference_url": "https://security.archlinux.org/AVG-876", "reference_id": "AVG-876", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-876" }, { "reference_url": "https://security.archlinux.org/AVG-877", "reference_id": "AVG-877", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-877" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "cpuapr2019-5072813.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "cpujul2019-5072835.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2018-16890.html", "reference_id": "CVE-2018-16890.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2018-16890.html" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4386", "reference_id": "dsa-4386", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4386" }, { "reference_url": "https://support.f5.com/csp/article/K03314397?utm_source=f5support&%3Butm_medium=RSS", "reference_id": "K03314397?utm_source=f5support&%3Butm_medium=RSS", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://support.f5.com/csp/article/K03314397?utm_source=f5support&%3Butm_medium=RSS" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190315-0001/", "reference_id": "ntap-20190315-0001", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190315-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1543", "reference_id": "RHSA-2019:1543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3701", "reference_id": "RHSA-2019:3701", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3701" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16890", "reference_id": "show_bug.cgi?id=CVE-2018-16890", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16890" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf", "reference_id": "ssa-436177.pdf", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/10172?format=api", "purl": "pkg:alpm/archlinux/lib32-libcurl-gnutls@7.64.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libcurl-gnutls@7.64.0-1" } ], "aliases": [ "CVE-2018-16890" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dwdw-7qrb-wyhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7060?format=api", "vulnerability_id": "VCID-gd9s-t88s-4kcg", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3822.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3822.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3822", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18518", "scoring_system": "epss", "scoring_elements": "0.95397", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.18518", "scoring_system": "epss", "scoring_elements": "0.95418", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.18518", "scoring_system": "epss", "scoring_elements": "0.95416", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.18518", "scoring_system": "epss", "scoring_elements": "0.95412", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3822" }, { "reference_url": "https://curl.se/docs/CVE-2019-3822.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-3822.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/106950", "reference_id": "106950", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "http://www.securityfocus.com/bid/106950" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670254", "reference_id": "1670254", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670254" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "201903-03", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://usn.ubuntu.com/3882-1/", "reference_id": "3882-1", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://usn.ubuntu.com/3882-1/" }, { "reference_url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_id": "8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E" }, { "reference_url": "https://security.archlinux.org/ASA-201902-10", "reference_id": "ASA-201902-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-10" }, { "reference_url": "https://security.archlinux.org/ASA-201902-11", "reference_id": "ASA-201902-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-11" }, { "reference_url": "https://security.archlinux.org/ASA-201902-12", "reference_id": "ASA-201902-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-12" }, { "reference_url": "https://security.archlinux.org/ASA-201902-13", "reference_id": "ASA-201902-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-13" }, { "reference_url": "https://security.archlinux.org/ASA-201902-9", "reference_id": "ASA-201902-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-9" }, { "reference_url": "https://security.archlinux.org/AVG-873", "reference_id": "AVG-873", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-873" }, { "reference_url": "https://security.archlinux.org/AVG-874", "reference_id": "AVG-874", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-874" }, { "reference_url": "https://security.archlinux.org/AVG-875", "reference_id": "AVG-875", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-875" }, { "reference_url": "https://security.archlinux.org/AVG-876", "reference_id": "AVG-876", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-876" }, { "reference_url": "https://security.archlinux.org/AVG-877", "reference_id": "AVG-877", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-877" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "cpuapr2019-5072813.html", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "cpujul2019-5072835.html", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2019-3822.html", "reference_id": "CVE-2019-3822.html", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2019-3822.html" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4386", "reference_id": "dsa-4386", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4386" }, { "reference_url": "https://support.f5.com/csp/article/K84141449", "reference_id": "K84141449", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://support.f5.com/csp/article/K84141449" }, { "reference_url": "https://support.f5.com/csp/article/K84141449?utm_source=f5support&%3Butm_medium=RSS", "reference_id": "K84141449?utm_source=f5support&%3Butm_medium=RSS", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://support.f5.com/csp/article/K84141449?utm_source=f5support&%3Butm_medium=RSS" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190315-0001/", "reference_id": "ntap-20190315-0001", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190315-0001/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190719-0004/", "reference_id": "ntap-20190719-0004", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190719-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1543", "reference_id": "RHSA-2019:1543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3701", "reference_id": "RHSA-2019:3701", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3701" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822", "reference_id": "show_bug.cgi?id=CVE-2019-3822", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf", "reference_id": "ssa-436177.pdf", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/10172?format=api", "purl": "pkg:alpm/archlinux/lib32-libcurl-gnutls@7.64.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libcurl-gnutls@7.64.0-1" } ], "aliases": [ "CVE-2019-3822" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gd9s-t88s-4kcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7061?format=api", "vulnerability_id": "VCID-xhba-8zpp-ebgk", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3823.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3823.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3823", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01568", "scoring_system": "epss", "scoring_elements": "0.81997", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01568", "scoring_system": "epss", "scoring_elements": "0.82006", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01568", "scoring_system": "epss", "scoring_elements": "0.81936", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01568", "scoring_system": "epss", "scoring_elements": "0.81998", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3823" }, { "reference_url": "https://curl.se/docs/CVE-2019-3823.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-3823.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/106950", "reference_id": "106950", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "http://www.securityfocus.com/bid/106950" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670256", "reference_id": "1670256", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670256" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "201903-03", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://usn.ubuntu.com/3882-1/", "reference_id": "3882-1", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://usn.ubuntu.com/3882-1/" }, { "reference_url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_id": "8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E" }, { "reference_url": "https://security.archlinux.org/ASA-201902-10", "reference_id": "ASA-201902-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-10" }, { "reference_url": "https://security.archlinux.org/ASA-201902-11", "reference_id": "ASA-201902-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-11" }, { "reference_url": "https://security.archlinux.org/ASA-201902-12", "reference_id": "ASA-201902-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-12" }, { "reference_url": "https://security.archlinux.org/ASA-201902-13", "reference_id": "ASA-201902-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-13" }, { "reference_url": "https://security.archlinux.org/ASA-201902-9", "reference_id": "ASA-201902-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-9" }, { "reference_url": "https://security.archlinux.org/AVG-873", "reference_id": "AVG-873", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-873" }, { "reference_url": "https://security.archlinux.org/AVG-874", "reference_id": "AVG-874", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-874" }, { "reference_url": "https://security.archlinux.org/AVG-875", "reference_id": "AVG-875", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-875" }, { "reference_url": "https://security.archlinux.org/AVG-876", "reference_id": "AVG-876", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-876" }, { "reference_url": "https://security.archlinux.org/AVG-877", "reference_id": "AVG-877", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-877" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "cpuapr2019-5072813.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "cpujul2019-5072835.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2019-3823.html", "reference_id": "CVE-2019-3823.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2019-3823.html" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4386", "reference_id": "dsa-4386", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4386" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190315-0001/", "reference_id": "ntap-20190315-0001", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190315-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1543", "reference_id": "RHSA-2019:1543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3701", "reference_id": "RHSA-2019:3701", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3701" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823", "reference_id": "show_bug.cgi?id=CVE-2019-3823", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf", "reference_id": "ssa-936080.pdf", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/10172?format=api", "purl": "pkg:alpm/archlinux/lib32-libcurl-gnutls@7.64.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libcurl-gnutls@7.64.0-1" } ], "aliases": [ "CVE-2019-3823" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xhba-8zpp-ebgk" } ], "fixing_vulnerabilities": [], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libcurl-gnutls@7.63.0-2" }